Phishing page testing method and device, electronic equipment and storage medium
By constructing fake phishing pages and identifying and blocking sensitive fields, the risk of data leakage during phishing drills was mitigated, enabling secure data submission within the enterprise and improving the protection of private information.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- BEIJING HONGTENG INTELLIGENT TECH CO LTD
- Filing Date
- 2023-04-24
- Publication Date
- 2026-06-05
Smart Images

Figure CN118842602B_ABST
Abstract
Description
Technical Field
[0001] This application relates to the field of computer technology, and more specifically, to a method, apparatus, electronic device, and storage medium for testing phishing pages. Background Technology
[0002] With the explosive growth of internet data, phishing websites that steal users' private information such as bank account numbers and passwords are also increasing. The frequent appearance of phishing websites poses a great threat to the privacy and financial security of internet users. Many companies regularly organize internal phishing drills to improve employees' security awareness.
[0003] During phishing drills, the common practice is to receive all data submitted by employees from fake phishing pages and store it in a database. Storing private data in a database poses a significant security risk due to the risk of data leakage.
[0004] Therefore, how to protect the personal information security of employees during fishing drills has become an urgent issue to be addressed.
[0005] It should be noted that the information disclosed in the background section above is only used to enhance the understanding of the background of the present invention, and therefore may include, but does not constitute, information on prior art known to those skilled in the art. Summary of the Invention
[0006] This application provides a phishing page testing method, apparatus, electronic device, and storage medium. The method can selectively submit data from the fake phishing page to the phishing server by blocking sensitive fields of the fake phishing page, thereby improving the security of private data.
[0007] Firstly, a method for testing phishing pages is provided, which includes:
[0008] Construct a corresponding fake phishing page based on the source phishing page;
[0009] Identify the target field of the constructed fake phishing page, which is a sensitive field in the data submitted through the fake phishing page;
[0010] The target field is masked in order to perform phishing tests on the fake phishing page after the masking process.
[0011] In the above technical solution, the target fields of the fake phishing page are first determined, and then the target fields are masked to conduct phishing tests. By masking the sensitive fields in the fake phishing page, data from the fake phishing page can be selectively submitted to the phishing server in an internal enterprise phishing test scenario, reducing the risk of data leakage and improving the security of private data.
[0012] In conjunction with the first aspect, in some possible implementations, determining the target field of the constructed pseudo-phishing page includes: determining the field corresponding to the input box of the pseudo-phishing page and generating a field list; and determining the target field in response to a selection operation on the field list.
[0013] In the above technical solution, all fields in the input boxes of the fake phishing page are identified, a list of fields is provided for the user to select, the target field is determined based on the user's selection operation, and the target field can be customized to meet the user's selection needs.
[0014] Combining the first aspect and the above implementation methods, in some possible implementation methods, the above-mentioned determination of the fields corresponding to the input boxes of the constructed phishing page and generation of the field list includes: parsing the source code of the pseudo-phishing page to determine multiple input tags in the form; and generating the field list based on the fields corresponding to the multiple input tags.
[0015] In the above technical solution, the field list is determined by parsing the source code of the fake phishing page, which can quickly locate all fields from the source code and improve the efficiency of determining the field list.
[0016] In combination with the first aspect and the above implementation methods, in some possible implementation methods, the above-mentioned determination of the target field of the constructed pseudo-phishing page includes: determining the page type of the pseudo-phishing page; determining the sensitive fields in the pseudo-phishing page based on the page type, and obtaining the target field.
[0017] In the above technical solution, different target fields are determined according to different page types, which can automatically determine the sensitive fields of fake phishing pages without the need for manual selection of target fields, thereby realizing automated phishing testing.
[0018] In combination with the first aspect and the above implementation methods, in some possible implementation methods, the above-mentioned masking process for the target field includes: encrypting the target field, the encryption process including symmetric encryption and asymmetric encryption; or, deleting the custom attribute of the target field from the source code of the fake phishing page.
[0019] Combining the first aspect and the above implementation methods, in some possible implementation methods, the above-mentioned construction of a corresponding pseudo-phishing page based on the source phishing page includes: copying the source code of the source phishing page to construct the pseudo-phishing page.
[0020] In combination with the first aspect and the above implementation methods, in some possible implementation methods, the above-mentioned phishing test on the pseudo-phishing page after the blocking process includes: deploying the pseudo-phishing page on a pseudo server; submitting the input data on the pseudo-phishing page to the pseudo server to conduct the phishing test.
[0021] Secondly, an apparatus for testing phishing pages is provided. The apparatus includes: a construction module for constructing a corresponding pseudo-phishing page based on a source phishing page; a determination module for determining a target field of the constructed pseudo-phishing page, wherein the target field is a sensitive field in the data submitted through the phishing page; and a processing module for masking the target field to perform phishing testing on the pseudo-phishing page after the masking process.
[0022] Combining the second aspect and the above implementation methods, in some possible implementation methods, the determining module is specifically used to determine the field corresponding to the input box of the pseudo-phishing page and generate a field list; in response to the selection operation of the field list, the target field is determined.
[0023] Combining the second aspect and the above implementation methods, in some possible implementation methods, the module is specifically used to parse the source code of the fake phishing page and identify multiple input tags in the form; the field list is generated based on the fields corresponding to the multiple input tags.
[0024] Combining the second aspect and the above implementation methods, in some possible implementation methods, the determining module is specifically used to determine the page type of the fake phishing page; based on the page type, the sensitive fields in the source code of the fake phishing page are determined to obtain the target field.
[0025] Combining the second aspect and the above implementation methods, in some possible implementation methods, the processing module is specifically used to encrypt the target field, including symmetric encryption and asymmetric encryption; or, to delete the custom attribute of the target field from the source code of the fake phishing page.
[0026] Combining the second aspect and the above implementation methods, in some possible implementations, the construction module is specifically used to copy the source code of the original phishing page to construct the fake phishing page.
[0027] Combining the second aspect and the above implementation methods, in some possible implementation methods, the processing module is specifically used to deploy the fake phishing page on the fake server; submit the input data on the fake phishing page to the fake server to conduct phishing tests.
[0028] Thirdly, an electronic device is provided, including a memory and a processor. The memory is used to store executable program code, and the processor is used to call and run the executable program code from the memory, causing the electronic device to perform the methods of the first aspect or any possible implementation thereof.
[0029] Fourthly, a computer program product is provided, comprising: computer program code, which, when run on a computer, causes the computer to perform the methods described in the first aspect or any possible implementation thereof.
[0030] Fifthly, a computer-readable storage medium is provided that stores computer program code, which, when executed on a computer, causes the computer to perform the methods described in the first aspect or any possible implementation thereof. Attached Figure Description
[0031] Figure 1 This is a system architecture diagram of a phishing page testing method or phishing page testing device provided in this application embodiment;
[0032] Figure 2 This is a schematic flowchart of a phishing page testing method provided in an embodiment of this application;
[0033] Figure 3 This is a schematic diagram of a fake phishing page provided in an embodiment of this application;
[0034] Figure 4 This is a schematic flowchart illustrating a method for determining the target field of a constructed fake phishing page, as provided in an embodiment of this application.
[0035] Figure 5 This is a schematic diagram of the structure of a phishing page testing device provided in an embodiment of this application;
[0036] Figure 6 This is a schematic diagram of the structure of an electronic device provided in an embodiment of this application. Detailed Implementation
[0037] The technical solutions in this application will be clearly and thoroughly described below with reference to the accompanying drawings. In the description of the embodiments of this application, unless otherwise stated, " / " means "or," for example, A / B can mean A or B. "And / or" in the text is merely a description of the relationship between related objects, indicating that three relationships can exist. For example, A and / or B can represent: A existing alone, A and B existing simultaneously, and B existing alone. Furthermore, in the description of the embodiments of this application, "multiple" refers to two or more than two.
[0038] Hereinafter, the terms "first" and "second" are used for descriptive purposes only and should not be construed as implying or suggesting relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more of that feature.
[0039] Figure 1 This is a system architecture diagram of a phishing page testing method or phishing page testing device provided in this application embodiment.
[0040] Reference Figure 1 As shown, system architecture 100 may include one or more of client devices 101, 102, and 103, a network 104, and a server 105. Network 104 serves as the medium for providing a communication link between client devices 101, 102, and 103 and server 105. Network 104 may include various connection types, such as wired, wireless, or fiber optic cables, etc.
[0041] Client devices 101, 102, and 103 can be various electronic devices, including but not limited to: personal computers, tablets, handheld devices, wearable devices, computing devices, or other processing devices connected to a wireless modem. Terminal devices may have different names in different networks, such as: user equipment, access terminal, user unit, user station, mobile station, mobile station, remote station, remote terminal, mobile device, user terminal, terminal, wireless communication equipment, user agent or user device, cellular phone, cordless phone, terminal device in 5G networks or future evolved networks, etc.
[0042] Server 105 can be a server that provides various services, such as login for web pages, applications, or bank accounts, as well as payment operations.
[0043] Users can use client devices 101, 102, and 103 to interact with server 105 via network 104 to log in to the website or send and receive information, etc. Various web browsers or client applications can be installed on client devices 101, 102, and 103.
[0044] It should be understood that Figure 1 The number of terminal devices, networks, and servers shown is merely illustrative. Depending on implementation needs, there can be any number of terminal devices, networks, and servers. For example, server 105 could be a server cluster composed of multiple servers.
[0045] It should be noted that the phishing page testing method provided in this application embodiment can be executed by client devices 101, 102, and 103 individually, or by client devices 101, 102, and 103 and server 105 together.
[0046] In the example embodiment, electronic devices 101, 102, or 103 construct a corresponding pseudo-phishing page based on the source phishing page; determine the target field of the constructed pseudo-phishing page, mask the target field, and deploy the processed pseudo-phishing page on server 105 for phishing testing.
[0047] Figure 2 This is a schematic flowchart illustrating a phishing page testing method provided in an embodiment of this application. The execution subject of this method can be a computing device with computational processing capabilities, such as... Figure 1 The electronic devices 101, 102, and 103 shown are illustrated. The phishing page testing method includes steps S201 to S203. The phishing page testing method in the example embodiment will be described in detail below with reference to the accompanying drawings.
[0048] Reference Figure 2 As shown, in step S201, a corresponding fake phishing page is constructed based on the source phishing page.
[0049] In the example embodiment, the source phishing page is a genuine phishing page, including pages from phishing websites or phishing emails. The source phishing page includes input fields for entering user information; for example, it could be a login page or a registration page. The fake phishing page is a phishing page constructed to resemble the real phishing page.
[0050] Specifically, select the website to be phished, copy the Hyper Text Markup Language (HTML) source code of the original phishing webpage, and construct a fake phishing page identical to the original phishing webpage, such as... Figure 3 The fake login page and fake registration page are shown in (a) and (b) in the image.
[0051] Step S202: Determine the target field of the constructed fake phishing page. The target field is a sensitive field in the data submitted through the fake phishing page.
[0052] In the example embodiment, the target field is a sensitive field in the data submitted through the fake phishing page, such as, but not limited to, name, address, bank account number, ID card number, and verification code.
[0053] For example, Figure 3 Examples of pseudo-phishing pages (a) and (b) are shown. In (a), the login page submits data including "username" and "password," so the sensitive field "password" is the target field in (a). In (b), the registration page submits data including "name," "ID card number," "mobile phone number," and "password," so the sensitive fields "ID card number" and "password" are the target fields in (b). It should be understood that the sensitive fields in the pseudo-phishing pages (a) and (b) in Figure (3) are only examples and can be changed according to the actual situation of the page.
[0054] Furthermore, in one possible implementation, a field list is generated by determining the field corresponding to the input box on the fake phishing page; in response to a selection operation on this field list, the target field is determined.
[0055] For example, identifying the fields corresponding to multiple input boxes on a fake phishing page, such as Figure 3 (a) shows the username field for the username input box and the password field for the password input box. A field selection list is generated, allowing users to choose which fields to keep based on their needs. For example, if a user chooses to keep the username field, the unselected password field will be designated as the target field.
[0056] In the above technical solution, all fields in the input boxes of the fake phishing page are identified, a list of fields is provided for the user to select, the target field is determined based on the user's selection operation, and the target field can be customized to meet the user's selection needs.
[0057] Step S203: The target field is masked in order to perform phishing tests on the masked pseudo-phishing page.
[0058] In the example embodiment, after identifying the target field, the blocking is performed by deleting the custom attributes of the target field from the source code of the fake phishing page. For example, the blocking is performed by deleting the custom attributes of the input tag corresponding to the target field in the source code of the fake phishing page. The attributes of the input tag include name, id, value, and type attributes, etc.
[0059] For example, if the target field is the password field, the name attribute of the input tag corresponding to the password field is deleted to mask the field, resulting in a processed pseudo-phishing page. The phishing page is then deployed on a fake server and submits data to the backend. At this point, a phishing test is performed, and the backend cannot capture the data submitted for that field.
[0060] In the above example embodiment, by deleting the name attribute of a sensitive field, the value of the data in that sensitive field is not transmitted to the backend when the data is submitted, thus preventing the backend from capturing the data in that sensitive field and improving data security.
[0061] Through the above Figure 2 The technical solution in the example embodiment first determines the target fields of the fake phishing page, then masks the target fields and conducts phishing page testing. By masking the sensitive fields of the fake phishing page, data from the fake phishing page can be selectively submitted to the phishing server in an internal enterprise phishing test scenario, reducing the risk of data leakage and improving the security of private data.
[0062] In one possible implementation, the fields corresponding to the input boxes on the constructed phishing page are determined, and a field list is generated, including: parsing the source code of the fake phishing page to determine multiple input tags in the form; and generating a field list based on the fields corresponding to the multiple input tags.
[0063] In the example embodiment, the HTML source code of the fake phishing page consists of three parts: HTML tags, head tags, and body tags. Form elements are located within the body tags and include input boxes, radio buttons, checkboxes, text fields, etc.
[0064] Furthermore, based on the composition of the HTML source code of the fake phishing page, multiple input boxes in the form elements are identified by parsing the source code, for example... Figure 3 (b) shows the name input box, ID card number input box, mobile phone number input box, and password input box. Each input box corresponds to a field: the name input box corresponds to the name field, the ID card number input box corresponds to the ID card number field, the mobile phone number input box corresponds to the mobile phone number field, and the password input box corresponds to the password field. The field list is generated based on the corresponding field determined by the input box.
[0065] In the above technical solution, the field list is determined by parsing the HTML source code of the fake phishing page, which can quickly locate all fields from the source code and improve the efficiency of determining the field list.
[0066] In one possible implementation, masking the target field includes encrypting the target field.
[0067] In the example embodiment, the encryption process includes symmetric encryption and asymmetric encryption.
[0068] Symmetric encryption is a encryption method that uses a single-key cryptosystem, employing the same key for both encryption and decryption. Asymmetric encryption requires two keys: a public key for encryption and a private key for decryption.
[0069] Furthermore, taking the ID card number as the target field as an example, after the user enters the original ID card number, before the data is submitted, the front-end encrypts the original ID card number data using either the Advanced Encryption Standard (AES) symmetric encryption algorithm or the RSA asymmetric encryption algorithm. It should be understood that this example uses AES and RSA; however, other encryption algorithms can also include EDS, Rabin, Elliptic Curve Typography (ECC), etc., without specific limitations.
[0070] By encrypting the target field using the technical solutions in the above example embodiments, the backend cannot obtain the data of the target field submitted through the fake phishing page, thus further improving data security.
[0071] In one possible implementation, phishing testing is performed on the masked fake phishing page, including: deploying the fake phishing page on a fake server; submitting input data from the fake phishing page to the fake server to perform the phishing test.
[0072] In the example embodiment, the fake server is a fake phishing server set up by company insiders, for example... Figure 1 Server 105.
[0073] Furthermore, the fake phishing page, after being blocked, is deployed on a fake server, and user-input data is submitted to the fake server for phishing testing.
[0074] Figure 4 This is a schematic flowchart illustrating a method for determining the target fields of a constructed fake phishing page, as provided in an embodiment of this application.
[0075] Step S401: Determine the page type of the fake phishing page.
[0076] In the example implementation, page types include login pages, registration pages, personal information editing pages, and transfer pages.
[0077] Furthermore, the type of a fake phishing page can be determined by whether its title contains words such as "XX Login" or "XX Register," whether the "value" attribute of the "input" tag in the webpage structure is set to words such as "Account," "Password," "ID Number," or "Email," or whether the fake phishing page contains buttons with the words "Login" or "Register."
[0078] Step S402: Determine the sensitive fields in the fake phishing page based on the page type to obtain the target fields.
[0079] In the example embodiment, the target field is determined based on the page type determined in step S401.
[0080] For example, taking a registration page as an example of a confirmed fake phishing page type, the ID card number, mobile phone number and other private information contained in the registration page are sensitive fields and are identified as target fields.
[0081] It should be understood that different page types have different sensitive fields. This can be achieved by pre-setting sensitive fields that might be present in different page types. For example, on a registration page, ID card number, address, and password might be sensitive fields, while on a transfer page, bank card number might be a sensitive field. A mapping between page types and sensitive fields can be generated. Based on this mapping, the sensitive fields in the fake phishing page can be determined, thus obtaining the target fields. For instance, if the page type is a transfer page, then the sensitive field in this fake phishing page would be the bank card number.
[0082] Through the above Figure 4 The technical solution in the example embodiment determines different target fields according to different page types, which can automatically determine the sensitive fields of fake phishing pages without the need for manual selection of target fields, thereby enabling automated phishing testing.
[0083] Based on the technical solution provided in this application, a specific implementation method will be described below.
[0084] In one possible implementation, a website to be phished is selected, its HTML source code is copied, and a fake phishing page identical to the original phishing website is constructed. Fields in the form of this fake phishing page are then selected, referencing... Figure 3 In the fake login page shown in (a), if you don't want to capture the password field, delete the `name` attribute from the `input` tag corresponding to the password field, but keep the `input` tag for that field. The `type` attribute in the `input` tag corresponding to the login field cannot be deleted; it's used for data submission. Host the fake phishing page with the `name` attribute removed on a fake phishing server for phishing testing.
[0085] In summary, this application first identifies the target fields of the fake phishing page, then masks these target fields, and conducts phishing page testing. By masking the target fields of the fake phishing page, it enables selective submission of data from the fake phishing page to the phishing server in an internal enterprise phishing test scenario, reducing the risk of data leakage and improving the security of private data.
[0086] Secondly, regarding the determination of target fields, one approach is to identify the fields in all input boxes on the fake phishing page, provide a list of fields for the user to choose from, and determine the target field based on the user's selection. This allows for customized selection of target fields, catering to user preferences. Another approach determines different target fields based on different page types, automatically identifying sensitive fields on fake phishing pages without requiring manual selection, thus enabling automated phishing testing.
[0087] Among these methods, the field list is determined by parsing the HTML source code of the fake phishing page, which allows for quick location of all fields from the source code, thus improving the efficiency of determining the field list.
[0088] Finally, by removing custom attributes from the target field's source code or encrypting the target field, the data submitted to the target field cannot be captured from the backend, thus improving data security.
[0089] Figure 5 This is a schematic diagram of the structure of a phishing page testing device provided in an embodiment of this application.
[0090] For example, such as Figure 5 As shown, the device 500 includes:
[0091] Module 501: Used to construct a corresponding pseudo-phishing page based on the source phishing page;
[0092] Determining module 502: Used to determine the target field of the constructed fake phishing page, which is a sensitive field in the data submitted through the phishing page;
[0093] Processing module 503: Used to mask the target field in order to perform phishing tests on the fake phishing page after the masking process.
[0094] In one possible implementation, the determining module 502 is specifically used to determine the field corresponding to the input box on the fake phishing page and generate a field list; in response to a selection operation on the field list, the target field is determined.
[0095] In one possible implementation, the determining module 502 is specifically used to parse the source code of the fake phishing page, determine multiple input tags in the form, and generate a field list based on the fields corresponding to the multiple input tags.
[0096] In one possible implementation, the determining module 502 is specifically used to determine the page type of the fake phishing page; based on the page type, it determines the sensitive fields in the fake phishing page to obtain the target field.
[0097] In one possible implementation, the processing module 503 is specifically used to encrypt the target field, including symmetric encryption and asymmetric encryption; or, to delete the custom attribute of the target field from the source code of the fake phishing page.
[0098] In one possible implementation, the construction module 501 is specifically used to copy the source code of the original phishing page to construct the fake phishing page.
[0099] In one possible implementation, the processing module 503 is specifically used to deploy the fake phishing page on the fake server; submit the input data on the fake phishing page to the fake server, and conduct phishing tests.
[0100] Figure 6 This is a schematic diagram of the structure of an electronic device provided in an embodiment of this application.
[0101] For example, such as Figure 6 As shown, the electronic device 600 includes a memory 601 and a processor 602. The memory 601 stores executable program code 6011, and the processor 602 is used to call and execute the executable program code 6011 to perform a phishing page testing method.
[0102] This embodiment can divide the electronic device into functional modules according to the above method example. For example, each module can correspond to a separate functional module, or two or more functions can be integrated into one processing module. The integrated module can be implemented in hardware. It should be noted that the module division in this embodiment is illustrative and only represents one logical functional division. In actual implementation, there may be other division methods.
[0103] When functional modules are divided according to their respective functions, the electronic device may include: a construction module, a determination module, and a processing module, etc. It should be noted that all relevant content of each step involved in the above method embodiments can be referenced from the functional descriptions of the corresponding functional modules, and will not be repeated here.
[0104] The electronic device provided in this embodiment is used to execute the above-described phishing page testing method, and therefore can achieve the same effect as the above implementation method.
[0105] When using integrated units, the electronic device may include a processing module and a storage module. The processing module is used to control and manage the operation of the electronic device. The storage module is used to support the execution of program code and data by the electronic device.
[0106] The processing module may be a processor or a controller, which can implement or execute various exemplary logic blocks, modules, and circuits as disclosed in this application. The processor may also be a combination of functions that implement computing capabilities, such as a combination of one or more microprocessors, a combination of digital signal processing (DSP) and a microprocessor, etc., and the storage module may be a memory.
[0107] This embodiment also provides a computer-readable storage medium storing computer program code. When the computer program code is run on a computer, the computer executes the aforementioned method steps to implement a phishing page testing method in the above embodiment.
[0108] This embodiment also provides a computer program product that, when run on a computer, causes the computer to perform the aforementioned steps to implement a phishing page testing method as described in the above embodiment.
[0109] In addition, the electronic device provided in the embodiments of this application may specifically be a chip, component or module. The electronic device may include a connected processor and a memory. The memory is used to store instructions. When the electronic device is running, the processor may call and execute the instructions to make the chip execute a phishing page testing method in the above embodiments.
[0110] In this embodiment, the electronic device, computer-readable storage medium, computer program product or chip are all used to execute the corresponding methods provided above. Therefore, the beneficial effects that can be achieved can be referred to the beneficial effects of the corresponding methods provided above, and will not be repeated here.
[0111] Through the above description of the embodiments, those skilled in the art will understand that, for the sake of convenience and brevity, only the division of the above functional modules is used as an example. In actual applications, the above functions can be assigned to different functional modules as needed, that is, the internal structure of the device can be divided into different functional modules to complete all or part of the functions described above.
[0112] In the embodiments provided in this application, it should be understood that the disclosed apparatus and methods can be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative; for instance, the division of modules or units is only a logical functional division, and in actual implementation, there may be other division methods. For example, multiple units or components may be combined or integrated into another device, or some features may be ignored or not executed. Furthermore, the coupling or direct coupling or communication connection shown or discussed may be through some interfaces; the indirect coupling or communication connection between devices or units may be electrical, mechanical, or other forms.
[0113] The above description is merely a specific embodiment of this application, but the scope of protection of this application is not limited thereto. Any variations or substitutions that can be easily conceived by those skilled in the art within the scope of the technology disclosed in this application should be included within the scope of protection of this application. Therefore, the scope of protection of this application should be determined by the scope of the claims.
Claims
1. A method for testing phishing pages, characterized in that, The method includes: Construct a corresponding fake phishing page based on the source phishing page; Determine the target field of the constructed fake phishing page, wherein the target field is a sensitive field in the data submitted through the fake phishing page; The target field is masked in order to perform phishing tests on the fake phishing page after the masking process. The masking process involves deleting the custom attribute of the target field from the source code of the fake phishing page.
2. The method according to claim 1, characterized in that, The target fields of the constructed fake phishing page include: Determine the fields corresponding to the input boxes on the fake phishing page and generate a field list; In response to a selection operation on the list of fields, the target field is determined.
3. The method according to claim 2, characterized in that, The step of determining the fields corresponding to the constructed phishing page input box and generating a field list includes: Analyze the source code of the fake phishing page to identify multiple input tags in the form; The field list is generated based on the fields corresponding to the multiple input labels.
4. The method according to claim 1, characterized in that, The target fields of the constructed fake phishing page include: Determine the page type of the fake phishing page; Based on the page type, the sensitive fields in the fake phishing page are determined, and the target fields are obtained.
5. The method according to claim 1, characterized in that, The masking process for the target field includes: The target field is encrypted, and the encryption process includes symmetric encryption and asymmetric encryption; or, Remove the custom attribute of the target field from the source code of the fake phishing page.
6. The method according to claim 1, characterized in that, The construction of the corresponding pseudo-phishing page based on the source phishing page includes: The fake phishing page is constructed by copying the source code of the original phishing page.
7. The method according to claim 1, characterized in that, The step of conducting phishing tests on the fake phishing page that has been blocked includes: Deploy the fake phishing page on a fake server; Submit the input data from the fake phishing page to the fake server to conduct a phishing test.
8. A phishing page testing device, characterized in that, The device includes: The construction module is used to construct a corresponding pseudo-phishing page based on the source phishing page; The determination module is used to determine the target field of the constructed pseudo-phishing page, wherein the target field is a sensitive field in the data submitted through the phishing page; The processing module is used to block the target field in order to perform phishing tests on the fake phishing page after the blocking process. The blocking process involves deleting the custom attribute of the target field from the source code of the fake phishing page.
9. An electronic device, characterized in that, The electronic device includes: Memory, used to store executable program code; A processor for calling and running the executable program code from the memory, causing the electronic device to perform the method as described in any one of claims 1 to 7.
10. A computer-readable storage medium, characterized in that, The computer-readable storage medium stores a computer program that, when executed, implements the method as described in any one of claims 1 to 7.