Fiddler-based batch test method and device for security unauthorized problems

A batch testing and problem technology, which is applied in the field of batch testing of security override problems based on fiddler, which can solve problems such as low efficiency, unavailability of data, and labor-intensive writing and maintenance.

Pending Publication Date: 2021-08-03
SHANGHAI ZHONGTONGJI NETWORK TECH CO LTD
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The existing technology captures the interface first, and then conducts a simulation test through the interface management tool, which requires a lot of manpower to write and maintain the interface use cases in the early stage; in addition, the single interface is verified one by one, the number of interfaces is large, the execution time is long, and the efficiency is very low; fiddler Capture packets at the break point, adopt the method of current measurement and capture, the data after verification cannot be used, which is not conducive to the later management and regression testing of the interface

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Fiddler-based batch test method and device for security unauthorized problems
  • Fiddler-based batch test method and device for security unauthorized problems
  • Fiddler-based batch test method and device for security unauthorized problems

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] In order to make the purpose, technical solution and advantages of the present invention clearer, the technical solution of the present invention will be described in detail below. Apparently, the described embodiments are only some of the embodiments of the present invention, but not all of them. Based on the embodiments of the present invention, all other implementations obtained by persons of ordinary skill in the art without making creative efforts fall within the protection scope of the present invention.

[0047] If the project system's interface processing scheme for permissions is consistent, generally the permissions are restricted at the outermost periphery of the interface, and the conclusion of whether the authority is exceeded can be relatively easily realized. This also means that the interface test of the permission test does not need to consider the functional logic of the interface, the parameterization and rationality of the input parameters and other ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a fiddler-based batch test method and device for security unauthorized problems. The method comprises the following steps: acquiring interface information of a to-be-tested interface through a fiddler; configuring parameter information of the test case set and assertion of the public unauthorized interface; replacing the original authentication information of the to-be-tested interface with the configured parameter information in batches to obtain replaced authentication information; triggering and accessing each to-be-tested interface in batches according to the replaced authentication information, so that the to-be-tested interface executes the access request; obtaining response data returned by the server according to the access request, and comparing the response data with the assertion content; and determining a test result according to a comparison result. The to-be-tested interface information is obtained through the fiddler, and the change of interface content does not need to be paid attention to different interfaces, so that the test efficiency is improved; and by replacing the parameter information and the assertion content in batches, the configuration operation of test execution is simplified, so that a tester can test more simply and conveniently.

Description

technical field [0001] The invention relates to the technical field of computer applications, in particular to a fiddler-based batch testing method and device for security overreach issues. Background technique [0002] Privilege violation vulnerability is a common security vulnerability in web applications. During the testing process of the project, after the basic function test is completed, in order to ensure that a certain level of interface has authority restrictions, to prevent non-authorized personnel from operating the functional interface, and to eliminate unauthorized loopholes, it is also necessary to conduct authority access tests on these interfaces. [0003] Some permission tests in the existing technology capture all the information of the interface through browser development tools, and then perform simulation verification through interface management tools (postman, jmeter, or the company's internal self-developed interface automation tools); some use fiddle...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F11/36G06F21/44
CPCG06F11/3688G06F11/3692G06F21/44
Inventor 赵丽丽
Owner SHANGHAI ZHONGTONGJI NETWORK TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap