Unlock instant, AI-driven research and patent intelligence for your innovation.

Penetration testing method, device and equipment and readable storage medium

A technology of penetration testing and response data, applied in the field of computer security, can solve the problems of low efficiency of penetration testing, difficulty in meeting testing requirements, waste of manpower, time-consuming, etc.

Pending Publication Date: 2021-05-18
杭州安恒信息安全技术有限公司
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] At present, information collection and penetration attacks often require the participation of testers to complete, which is a waste of manpower and time-consuming, that is, the efficiency of penetration testing is not high, and it is difficult to meet actual testing needs

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Penetration testing method, device and equipment and readable storage medium
  • Penetration testing method, device and equipment and readable storage medium
  • Penetration testing method, device and equipment and readable storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0054] In order to enable those skilled in the art to better understand the solution of the present invention, the present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments. Apparently, the described embodiments are only some of the embodiments of the present invention, but not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0055] Please refer to figure 1 , figure 1 It is a flowchart of a penetration testing method in an embodiment of the present invention, and the method includes the following steps:

[0056] S101. Acquire fingerprint features of the target system.

[0057] Wherein, the target system may be any application system that requires penetration testing. The fingerprint feature is the unique feature of the target s...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a penetration test method, device and equipment and a readable storage medium. The method comprises the following steps: acquiring fingerprint characteristics of a target system; inputting the fingerprint features into a trained A3C model to obtain a vulnerability payload matched with the fingerprint features; sending the vulnerability effective load to a target system, and receiving a session fed back by the target system; and establishing a target session of the meterpreter based on the session, and executing the post penetration script in the target session to obtain a detection report of the penetration test. Compared with the manual searching of the matched vulnerability payload, the method employs the A3C model to automatically search the vulnerability payload matched with the fingerprint features, can reduce the manpower consumption, is lower in time consumption, and can effectively improve the penetration test efficiency.

Description

technical field [0001] The invention relates to the technical field of computer security, in particular to a penetration test method, device, equipment and a readable storage medium. Background technique [0002] Penetration testing is a process in which a trusted third party conducts in-depth vulnerability mining on the target application system and its host server by simulating the attack methods and vulnerability mining techniques that hackers may use, discovers the vulnerabilities in the system, and verifies the exploitability of the vulnerabilities. process. [0003] Penetration testing is divided into seven stages: pre-interaction, information collection, threat modeling, vulnerability analysis, penetration attack, post-penetration attack, and report generation. Among them, information collection and penetration attack are often the two most time-consuming steps, and they are also automated. The two aspects of the process that most need to improve efficiency. [0004...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57G06K9/62
CPCG06F21/577G06F2221/034G06F18/24155
Inventor 贺一桓赵铁辉
Owner 杭州安恒信息安全技术有限公司