The invention discloses a network security analysis method and device, computer equipment and a storage medium. The method comprises the following steps: scanning various network main bodies in a target network system to obtain parameters, and performing format processing to obtain a standard format file; according to the standard format file, through network topology self-discovery, generating a network topology structure diagram, and then generating a system structure diagram; generating a penetration graph model according to the standard format files of the various network main bodies, the system structure diagrams and a preset vulnerability knowledge base; traversing all the penetration paths in the penetration graph model and executing the killing chain process, and finally determining the penetration path of the target network main body, so the application can not only perform vulnerability verification on the hosts on the whole line from the attacker to the core asset server, but also perform vulnerability verification on the hosts on the whole line from the attacker to the core asset server; hosts on all potential attack paths from the attacker to the core assets are even mined, one-by-one penetration verification is carried out, and based on this, global restoration is carried out, so that the security of the network system is greatly improved.