Unlock instant, AI-driven research and patent intelligence for your innovation.

Penetration testing method and device, computer equipment and storage medium

A technology of penetration testing and testing equipment, applied in the field of network security, can solve the problem of low efficiency of exploiting vulnerabilities and achieve the effect of improving utilization efficiency

Pending Publication Date: 2022-04-12
招银云创信息技术有限公司
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] At present, the existing penetration testing methods have the problem of low vulnerability utilization efficiency

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Penetration testing method and device, computer equipment and storage medium
  • Penetration testing method and device, computer equipment and storage medium
  • Penetration testing method and device, computer equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0053] In order to make the purpose, technical solution and advantages of the present application clearer, the present application will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present application, and are not intended to limit the present application.

[0054] The penetration testing method provided by this application can be applied to the application environment in the field of network security, and the application environment includes such as figure 1The computer device 1 and the device under test 2 are shown. The computer device 1 determines the corresponding device 2 to be tested according to the IP address or domain name. The device 2 to be tested can be a server or a switch. Query the vulnerability table in the database according to the relevant information to obtain the target quantification factor of each vulner...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a penetration testing method and device, computer equipment and a storage medium. The method comprises the following steps: in a scanning process of performing penetration testing on equipment to be tested, obtaining related information of each vulnerability; querying a vulnerability table in a database according to the related information to obtain a target quantification factor of each vulnerability; according to the target quantization factor and the basic quantization value of the vulnerability, obtaining a target quantization value of each vulnerability; and analyzing and attacking each vulnerability according to the priority sequence corresponding to the quantized value interval where the target quantized value is located. In the scanning process, related information of the vulnerabilities is obtained, a security vulnerability grading method is given according to grading factors and hazard grade degrees of the security vulnerabilities of the information system, the order of magnitude of traditional three-level vulnerabilities is refined, the vulnerabilities are quantitatively described according to the related information, and a vulnerability grading table is formed. And preferential automatic penetration attacks are carried out on the vulnerabilities with high scores, so that the utilization efficiency of the penetration vulnerabilities is improved.

Description

technical field [0001] The present application relates to the technical field of network security, in particular to a penetration testing method, device, computer equipment and storage medium. Background technique [0002] A security breach provides an opportunity for unauthorized users or illegal objects to attack a system, thereby compromising its integrity and confidentiality. Hence, penetration testing of software products helps to get rid of these vulnerabilities so that the system is sufficiently capable against expected or even unexpected malicious threats and attacks. Penetration testing is one of the methods of testing malicious attacks in the identification system, simulating attackers to attack the website and then comprehensively detecting and evaluating the website, finding and repairing vulnerabilities before the attackers, so as to prevent unsafe events such as website information leakage . [0003] At present, existing penetration testing methods have the p...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06F16/2455G06F21/57
Inventor 陈欣炜
Owner 招银云创信息技术有限公司