Security testing method, apparatus, computer equipment and storage medium

A technology of security testing and computer programs, which is applied in the field of information security, can solve problems such as low security testing efficiency, inability to detect security, and inability to obtain APP traffic smoothly, so as to improve the efficiency of security testing and reduce difficulty and complexity.
CN114039760BActive Publication Date: 2022-08-09INDUSTRIAL AND COMMERCIAL BANK OF CHINA
0 Cites 0 Cited by

Patent Information

Authority / Receiving Office
CN ยท China
Patent Type
Patents(China)
Current Assignee / Owner
INDUSTRIAL AND COMMERCIAL BANK OF CHINA
Publication Date
2022-08-09

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The present application relates to a security testing method, apparatus, computer equipment and storage medium. The method relates to the technical field of information security, and the method includes: generating a simulated network message according to input parameters of an application to be tested, and transmitting the simulated network message to a virtual server program in a user terminal; In the process of transmission to the virtual server program, the simulated network message is intercepted; the simulated network message is processed, and a security test is performed based on the processed simulated network message. That is, in the embodiment of the present application, a simulated network environment can be established locally on the user terminal, which can avoid the problem that the application program directly interacts with the server, so that the man-in-the-middle test module cannot obtain the input parameters and thus cannot perform the security test. The network message is processed, and the security test of the application to be tested is realized by processing the simulated network message, so as to improve the security test efficiency.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The present application relates to the technical field of information security, and in particular, to a security testing method, apparatus, computer equipment and storage medium. Background technique

[0002] With the popularization of intelligent terminals, a large number of mobile phone software (application, APP for short) have emerged in the application market for user terminals to download and use. In order to ensure the security of the APP installed on the user terminal, before the APP is released, the APP needs to be checked for security to identify vulnerabilities.

[0003] In traditional technologies, security detection is usually performed by means of a man-in-the-middle agent, which means that the APP traffic of the user terminal is hijacked by an intermediary agent detection tool, and the hijacked APP traffic is analyzed to realize security detection.

[0004] However, with the continuous improvement of the security confrontation ability o...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More