CN106953860A - A data scanning method and scanning server - Google Patents

Publication number
CN106953860A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710166343.9A
Other languages
Chinese (zh)
Inventor
陈瑶
赵明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433 Vulnerability analysis
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/02 Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Abstract

The embodiments of the present application disclose a data scanning method and a scanning server, used to improve system scan quality and reduce the system's missed-scan rate. The method of the embodiments includes: a scanning server obtains an HTTP request packet sent by a target client; the scanning server determines, according to the HTTP request packet, a target HTTP request packet to be scanned; the scanning server sends the target HTTP request packet to the target server; the scanning server receives a response data packet sent by the target server, the response data packet being the packet that the target server generates in response to the target HTTP request packet; the scanning server judges whether the response data packet matches at least one of the vulnerability scanning rules and, if so, determines that the function corresponding to the target HTTP request packet has a vulnerability.

Description

A data scanning method and scanning server
Technical field
The present application relates to the computer field, and in particular to a data scanning method and a scanning server.
Background
Current network (Web) security scanners obtain their input resources in two main ways: one is crawling with a crawler (for example the explore function of IBM Rational AppScan), the other is local packet capture (for example the proxy function of Burp Suite).
Local packet capture requires a packet capture tool (such as Burp Suite) to be started locally during system testing, and the tool needs manual intervention when it is used: whether request packets are captured depends on whether the system tester has correctly started the packet capture tool. This is a heavy dependence on the system tester; if the tester forgets to start the tool during testing, requests are easily missed by the scan. In the product development process, system testing and security audit are both mandatory stages, and in the process commonly used today the security audit is separate from system testing. That is, during system testing the system tester runs coverage tests over all functions of the product under test; when auditing the product, the security auditor, in order to improve scan coverage, also has to walk through all functions of the audited system once and then submit the scan. This duplicates work and is inefficient.
Summary of the invention
The embodiments of the present application provide a data scanning method and a scanning server, used to reduce workload, improve working efficiency and reduce the system's missed-scan rate.
In a first aspect, an embodiment of the present application provides a data scanning method, including:
A scanning server obtains an HTTP request packet sent by a client; the scanning server determines, according to the HTTP request packet, a target HTTP request packet to be scanned; the scanning server sends the target HTTP request packet to the target server; the scanning server receives a response data packet sent by the target server, the response data packet being the packet that the target server generates in response to the target HTTP request packet; the scanning server judges whether the response data packet matches at least one of the vulnerability scanning rules and, if so, determines that the function corresponding to the response data packet has a vulnerability.
In a second aspect, an embodiment of the present application provides a scanning server that has the functions of the scanning server in the above method. The functions can be implemented in hardware, or by hardware executing corresponding software. The hardware or software includes one or more modules corresponding to the above functions.
In one possible implementation, the scanning server includes:
An acquisition module, for obtaining the HTTP request packet sent by the client;
A determining module, for determining the target HTTP request packet to be scanned according to the HTTP request packet obtained by the acquisition module;
A sending module, for sending the target HTTP request packet determined by the determining module to the target server;
A receiving module, for receiving the response data packet sent by the target server, the response data packet being the packet that the target server generates in response to the target HTTP request packet;
A processing module, for judging whether the response data packet matches at least one of the vulnerability scanning rules and, if so, determining that the function corresponding to the response data packet has a vulnerability.
In another possible implementation, the scanning server includes:
A transceiver, a processor and a bus;
The transceiver is connected to the processor through the bus;
The transceiver performs the following step:
Obtaining the HTTP request packet sent by the client;
The processor performs the following step:
Determining the target HTTP request packet to be scanned according to the HTTP request packet;
The transceiver further performs the following steps:
Sending the target HTTP request packet to the target server; receiving the response data packet sent by the target server, the response data packet being the packet that the target server generates in response to the target HTTP request packet;
The processor further performs the following step:
Judging whether the response data packet matches at least one of the vulnerability scanning rules and, if so, determining that the function corresponding to the response data packet has a vulnerability.
In a third aspect, an embodiment of the present application provides a test system that includes a client, a scanning server and a target server. The client sends an HTTP request packet to the scanning server; the scanning server then determines a target HTTP request packet according to the HTTP request packet; the scanning server then sends the target HTTP request packet to the target server; after receiving the target HTTP request packet, the target server generates a response data packet in response to it; the target server then sends the response data packet to the client through the scanning server; the scanning server copies the response data packet and checks whether it matches the vulnerability scanning rules and, if so, determines that the system function corresponding to the response data packet has a vulnerability.
In a fourth aspect, an embodiment of the present application provides a computer-readable storage medium that stores program code, the program code being used to instruct execution of the method of the above first aspect or second aspect.
As can be seen from the above technical solutions, the embodiments of the present application have the following advantages. In the test system, the scanning server obtains in real time the HTTP request packet sent by the client, then determines the target HTTP request packet to be scanned according to the HTTP request packet, and sends the target HTTP request packet to the target server; after receiving the target HTTP request packet, the target server generates a response data packet in response to it and sends the response data packet to the scanning server; the scanning server then checks the response data packet against the vulnerability scanning rules, and if the response data packet matches any one of the rules, the scanning server determines that the function corresponding to the target HTTP request packet has a vulnerability. Throughout this scanning process the scanning server is part of the test system, so when system testing is carried out the scanning server scans automatically and the security audit runs in step with system testing, which reduces workload and improves working efficiency. In addition, because system testers are more familiar with the product under test than security auditors are, the functions they cover are more complete and the resources collected are richer, which improves scan quality and reduces the missed-scan rate.
Brief description of the drawings
Fig. 1 is a schematic diagram of the framework of the test system in the embodiments of the present application;
Fig. 2 is a schematic diagram of one embodiment of the data scanning method in the embodiments of the present application;
Fig. 3 is a schematic diagram of another embodiment of the data scanning method in the embodiments of the present application;
Fig. 4 is a schematic diagram of another embodiment of the data scanning method in the embodiments of the present application;
Fig. 5 is a schematic flowchart of the data scanning method in the embodiments of the present application;
Fig. 6 is a schematic diagram of one embodiment of the scanning server in the embodiments of the present application;
Fig. 7 is a schematic diagram of another embodiment of the scanning server in the embodiments of the present application;
Fig. 8 is a schematic diagram of another embodiment of the scanning server in the embodiments of the present application;
Fig. 9 is a schematic diagram of another embodiment of the scanning server in the embodiments of the present application;
Fig. 10 is a schematic diagram of another embodiment of the scanning server in the embodiments of the present application.
Detailed description
The embodiments of the present application provide a data scanning method and a scanning server, used to reduce workload, improve working efficiency and reduce the system's missed-scan rate.
The terms "first", "second", "third", "fourth" and the like (if present) in the description, the claims and the above drawings of this application are used to distinguish similar objects, not to describe a specific order or sequence. It should be understood that data used in this way are interchangeable where appropriate, so that the embodiments described here can be implemented in an order other than the one illustrated or described. In addition, the terms "include" and "have" and any variants of them are intended to cover non-exclusive inclusion; for example, a process, method, system, product or device that contains a series of steps or units is not necessarily limited to the steps or units expressly listed, but may include other steps or units that are not expressly listed or that are inherent to the process, method, product or device.
Current network (Web) security scanners obtain their input resources in two main ways: one is crawling with a crawler (for example the explore function of IBM Rational AppScan), the other is local packet capture (for example the proxy function of Burp Suite). Local packet capture requires a packet capture tool (such as Burp Suite) to be started locally during system testing, and the tool needs manual intervention when it is used: whether request packets are captured depends on whether the system tester has correctly started the packet capture tool. This is a heavy dependence on the system tester; if the tester forgets to start the tool during testing, requests are easily missed by the scan. In the product development process, system testing and security audit are both mandatory stages, and in the process commonly used today the security audit is separate from system testing. That is, during system testing the system tester runs coverage tests over all functions of the product under test; when auditing the product, the security auditor, in order to improve scan coverage, also has to walk through all functions of the audited system once and then submit the scan. This duplicates work and is inefficient.
To solve this problem, the embodiments of the present application provide the following technical solution: a scanning server obtains an HTTP request packet sent by a client; the scanning server determines, according to the HTTP request packet, a target HTTP request packet to be scanned; the scanning server sends the target HTTP request packet to the target server; the scanning server receives a response data packet sent by the target server, the response data packet being the packet that the target server generates in response to the target HTTP request packet; the scanning server judges whether the response data packet matches at least one of the vulnerability scanning rules and, if so, determines that the function corresponding to the response data packet has a vulnerability.
In the embodiments of the present application, the scanning server determining that the function corresponding to the response data packet has a vulnerability means that the scanning server determines that the function by which the target server responds to the target HTTP request packet and generates the response data packet is incorrect or incomplete.
The technical solution provided by the embodiments of the present application is applied in the test system shown in Fig. 1. The test system includes a client, a scanning server and a target server. The client sends HTTP request packets to the target server through the scanning server, and the target server sends its response data packets for those HTTP request packets to the client through the scanning server. The scanning server can copy the response data packet and then run the vulnerability rule check on it, to determine whether the function corresponding to the response data packet has a vulnerability.
For details, refer to Fig. 2. One embodiment of the data scanning method in the embodiments of the present application includes:
201. The client sends an HTTP request packet to the scanning server.
While the system tester is testing the product under test, the client in the test system sends HTTP request packets to the scanning server.
In this embodiment, the HTTP request packet sent by the client may request many kinds of information, for example an HTTP request packet requesting picture information, one requesting video information, or one requesting voice information; the specific case is not limited here.
202. The scanning server determines the target HTTP request packet to be scanned according to the HTTP request packet.
After receiving the HTTP request packet, the scanning server determines the target HTTP request packet to be scanned according to the corresponding rules.
203. The scanning server sends the target HTTP request packet to the target server.
The scanning server sends the target HTTP request packet to the target server.
In this embodiment, when the scanning server sends the target HTTP request packet to the target server, the request type of the target HTTP request packet may be a GET request or a POST request; this is not limited here. The target HTTP request packet also carries a COOKIE field.
204. The target server generates a response data packet in response to the target HTTP request packet.
After receiving the target HTTP request packet, the target server parses it to learn what information it specifically requests, and then generates a response data packet for that information.
For example, if the information specifically requested by the target HTTP request packet is program operation information stored in a database, the response data packet generated by the target server will contain that program operation information.
205. The target server sends the response data packet to the scanning server.
The target server sends the response data packet to the scanning server.
In this embodiment, the scanning server does not intercept the response data packet; it only copies it. That is, after the target server sends the response data packet to the scanning server, the scanning server first copies the original response data packet to produce a duplicate response data packet, and then forwards the original response data packet directly to the client.
206. The scanning server judges whether the response data packet matches at least one of the vulnerability scanning rules; if so, the scanning server performs step 207; if not, the scanning server performs step 208.
The scanning server matches the response data packet against the vulnerability scanning rules one by one. If the response data packet matches at least one of the vulnerability scanning rules, the scanning server performs step 207; if the response data packet matches none of the vulnerability scanning rules, the scanning server performs step 208.
207. The scanning server determines that the function corresponding to the response data packet has a vulnerability.
When the scanning server determines that the response data packet matches at least one of the vulnerability scanning rules, it determines that the function corresponding to the response data packet has a vulnerability.
208. The scanning server determines that the function corresponding to the response data packet is normal.
When the scanning server determines that the response data packet matches none of the vulnerability scanning rules, it determines that the function corresponding to the response data packet has no vulnerability.
In this embodiment, in the test system, the scanning server obtains in real time the HTTP request packet sent by the client, then determines the target HTTP request packet to be scanned according to the HTTP request packet, and sends the target HTTP request packet to the target server; after receiving the target HTTP request packet, the target server generates a response data packet in response to it and sends the response data packet to the scanning server; the scanning server then checks the response data packet against the vulnerability scanning rules, and if the response data packet matches any one of the rules, the scanning server determines that the function corresponding to the target HTTP request packet has a vulnerability. Throughout this scanning process the scanning server is part of the test system, so when system testing is carried out the scanning server scans automatically and the security audit runs in step with system testing, which reduces workload and improves working efficiency. In addition, because system testers are more familiar with the product under test than security auditors are, the functions they cover are more complete and the resources collected are richer, which improves scan quality and reduces the missed-scan rate.
Based on the above embodiment, refer to Fig. 3 for another embodiment of the data scanning method in the embodiments of the present application, which includes:
301. The client sends an HTTP request packet to the scanning server.
While the system tester is testing the product under test, the client in the test system sends HTTP request packets to the scanning server.
In this embodiment, the HTTP request packet sent by the client may request many kinds of information, for example an HTTP request packet requesting picture information, one requesting video information, or one requesting voice information; the specific case is not limited here.
302. The scanning server judges whether the HTTP request packet needs to be scanned; if so, steps 303 to 311 are performed.
After receiving the HTTP request packet, the scanning server inspects it and judges whether it needs to be scanned; if so, the scanning server performs steps 303 to 311.
In this embodiment, the scanning server can judge whether the HTTP request packet matches specific information that indicates the packet does not need a security scan. If so, the scanning server determines that the HTTP request packet does not need to be scanned; in that case the scanning server can send the HTTP request packet directly to the target server, and when the target server sends the response data packet the scanning server does not scan that response data packet either. The specific information may be information such as pictures or text; the specific case is not limited here.
303. The scanning server extracts the target data information of the HTTP request packet.
When the scanning server determines that the HTTP request packet needs to be scanned, it parses the HTTP request packet and extracts its key data, that is, the target data information.
304. The scanning server stores the target data information in a database to generate a data information set.
The scanning server stores the target data information in the database to generate the data information set.
In this embodiment, the database may be integrated with the scanning server or may be an independent component; the specific case is not limited here.
In this embodiment, the scanning server extracts the target data information from every target HTTP request packet it obtains and stores it in the same database, which forms one data information set.
For example, when the scanning server extracts the first target data information from the first target HTTP request packet it determines, the data information set contains only the first target data information; when the scanning server extracts the second target data information from the second target HTTP request packet it determines, the data information set contains the first target data information and the second target data information. The data information set is updated in turn: each time the scanning server obtains a target HTTP request packet, the data information set is updated once.
305. The scanning server recombines the data information in the data information set to generate the target HTTP request packet.
The scanning server reads the valid data information in the data information set according to the protocol structure and request type of the HTTP request packet; the scanning server then recombines the valid data information to generate the target HTTP request packet. The request types of the HTTP request packet include the GET request type and the POST request type, and the target HTTP request packet carries a COOKIE field.
In this embodiment, when the scanning server obtains the first HTTP request packet that needs scanning, the target HTTP request packet is that HTTP request packet itself. When the scanning server obtains a second HTTP request packet that needs scanning, whose request type is the same as that of the first and whose protocol structure is also the same as that of the first, the target HTTP request packet is an HTTP request packet generated by recombining the data information of the first packet with the data information of the second. In this embodiment, recombination means taking the valid data information read from the data information set and using it to modify or exchange the fields in the protocol structure of the HTTP request packet, composing new HTTP request packets that serve as target HTTP request packets.
For example, the data information of the first HTTP request packet that needs scanning obtained by the scanning server is (A, B, C); the data information of the first target HTTP request packet sent by the scanning server is then (A, B, C).
When the data information of the second HTTP request packet that needs scanning obtained by the scanning server is (D, E, F), and the request type of this second packet is the same as that of the first (for example both are of the GET request type) and its protocol structure is also the same as that of the first, the data information of the second target HTTP request packet sent by the scanning server takes the following forms: (A, D, E), (A, E, F), (A, D, F), (B, D, E), (B, E, F), (B, D, F), (C, D, E), (C, E, F), (C, D, F), (A, B, D), (A, B, E), (A, B, F), (A, C, D), (A, C, E), (A, C, F), (B, C, D), (B, C, E), (B, C, F), (A, B, C), (D, E, F). That is, the second target HTTP request packets sent by the scanning server are the HTTP request packets of the forms above.
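The recombination of steps 303 to 305, as an added example that is not code from the patent: it pools the data information of packets that share a request type and protocol structure and regenerates every target packet, reproducing the twenty forms listed above. The class and function names, the `/search` path, the field names, the host and the cookie value are assumptions made for illustration, and "protocol structure" is modelled as the ordered list of field names.

```python
from dataclasses import dataclass
from itertools import combinations
from urllib.parse import urlencode


@dataclass(frozen=True)
class CapturedRequest:
    method: str      # request type: "GET" or "POST"
    path: str
    fields: tuple    # ordered field names, used here as the "protocol structure"
    values: tuple    # data information extracted from the packet (step 303)
    cookie: str = ""


class DataInfoSet:
    """Data information set of step 304, one pool per (type, path, structure)."""

    def __init__(self):
        self._pools = {}

    def add(self, req):
        key = (req.method, req.path, req.fields)
        pool = self._pools.setdefault(key, [])
        for value in req.values:
            if value not in pool:      # keep arrival order, drop repeats
                pool.append(value)
        return key

    def recombine(self, key):
        # Every selection of len(fields) pooled values, kept in pool order.
        return list(combinations(self._pools[key], len(key[2])))


def build_targets(store, req):
    """Steps 303-305: store the packet's data, then regenerate target packets."""
    key = store.add(req)
    return [CapturedRequest(req.method, req.path, req.fields, combo, req.cookie)
            for combo in store.recombine(key)]


def render(req, host="test.example"):
    """Serialise a target packet; the COOKIE field is always carried."""
    data = urlencode(list(zip(req.fields, req.values)))
    head = f"Host: {host}\r\nCookie: {req.cookie}\r\n"
    if req.method == "GET":
        return f"GET {req.path}?{data} HTTP/1.1\r\n{head}\r\n"
    return (f"POST {req.path} HTTP/1.1\r\n{head}"
            "Content-Type: application/x-www-form-urlencoded\r\n"
            f"Content-Length: {len(data)}\r\n\r\n{data}")


if __name__ == "__main__":
    # Constructed sample packets using the page's placeholder values.
    store = DataInfoSet()
    names = ("q", "page", "sort")
    first = CapturedRequest("GET", "/search", names, ("A", "B", "C"), "sid=constructed")
    second = CapturedRequest("GET", "/search", names, ("D", "E", "F"), "sid=constructed")
    print(len(build_targets(store, first)), "target packet after the first request")
    targets = build_targets(store, second)
    print(len(targets), "target packets after the second request")
    print(render(targets[1]))
```

The number of target packets grows combinatorially with the size of each pool, so a deployment built this way needs a bound on how many values it keeps per structure.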
306. The scanning server sends the target HTTP request packet to the target server.
The scanning server sends the target HTTP request packet to the target server.
In this embodiment, when the scanning server sends the target HTTP request packet to the target server, the request type of the target HTTP request packet may be a GET request or a POST request; this is not limited here. The target HTTP request packet also carries a COOKIE field.
307. The target server generates a response data packet in response to the target HTTP request packet.
After receiving the target HTTP request packet, the target server parses it to learn what information it specifically requests, and then generates a response data packet for that information.
For example, if the information specifically requested by the target HTTP request packet is program operation information stored in a database, the response data packet generated by the target server will contain that program operation information.
308. The target server sends the response data packet to the scanning server.
The target server sends the response data packet to the scanning server.
In this embodiment, the scanning server does not intercept the response data packet; it only copies it. That is, after the target server sends the response data packet to the scanning server, the scanning server first copies the original response data packet to produce a duplicate response data packet, and then forwards the original response data packet directly to the client.
309. The scanning server judges whether the response data packet matches at least one of the vulnerability scanning rules; if so, the scanning server performs step 310; if not, the scanning server performs step 311.
The scanning server matches the response data packet against the vulnerability scanning rules one by one. If the response data packet matches at least one of the vulnerability scanning rules, the scanning server performs step 310; if the response data packet matches none of the vulnerability scanning rules, the scanning server performs step 311.
310. The scanning server determines that the function corresponding to the response data packet has a vulnerability.
When the scanning server determines that the response data packet matches at least one of the vulnerability scanning rules, it determines that the function corresponding to the response data packet has a vulnerability.
311. The scanning server determines that the function corresponding to the response data packet is normal.
When the scanning server determines that the response data packet matches none of the vulnerability scanning rules, it determines that the function corresponding to the response data packet has no vulnerability.
In this embodiment, in the test system, the scanning server obtains in real time the HTTP request packet sent by the client, then determines the target HTTP request packet to be scanned according to the HTTP request packet, and sends the target HTTP request packet to the target server; after receiving the target HTTP request packet, the target server generates a response data packet in response to it and sends the response data packet to the scanning server; the scanning server then checks the response data packet against the vulnerability scanning rules, and if the response data packet matches any one of the rules, the scanning server determines that the function corresponding to the target HTTP request packet has a vulnerability. Throughout this scanning process the scanning server is part of the test system, so when system testing is carried out the scanning server scans automatically and the security audit runs in step with system testing, which reduces workload and improves working efficiency. In addition, because system testers are more familiar with the product under test than security auditors are, the functions they cover are more complete and the resources collected are richer, which improves scan quality and reduces the missed-scan rate. Meanwhile, filtering the HTTP request packets it obtains lets the scanning server effectively reduce the scanning workload; and recombining the data information of the HTTP request packets to generate target HTTP request packets effectively ensures that the system's security testing runs in step with functional testing and expands the test resources as far as possible, which effectively improves scan quality and reduces the missed-scan rate.
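The filter of step 302 and the copy-then-match handling of steps 308 to 311, as an added example that is not code from the patent. The skip suffixes, the three rules, the sample paths and the stand-in target server are constructed for illustration; the patent does not list its vulnerability scanning rules, and it says only that the skip criterion may be information such as pictures or text.

```python
import copy
import re
from dataclasses import dataclass, field


@dataclass
class Request:
    method: str
    path: str
    headers: dict = field(default_factory=dict)
    body: bytes = b""


@dataclass
class Response:
    status: int
    headers: dict
    body: bytes


# Assumption: a static-resource suffix marks a packet as not needing a scan.
SKIP_SUFFIXES = (".png", ".jpg", ".gif", ".css", ".txt")

# Constructed vulnerability scanning rules: name -> pattern over the body.
SCAN_RULES = {
    "sql-error-disclosure": re.compile(
        rb"You have an error in your SQL syntax|ORA-\d{5}", re.I),
    "stack-trace-disclosure": re.compile(
        rb"Traceback \(most recent call last\)|\bat [\w.$]+\(\w+\.java:\d+\)"),
    "directory-listing": re.compile(rb"<title>Index of /", re.I),
}


def needs_scan(req):
    """Step 302: decide whether this packet is scanned at all."""
    path = req.path.split("?", 1)[0].lower()
    return not path.endswith(SKIP_SUFFIXES)


def match_rules(resp):
    """Step 309: match one by one and return the name of every rule that hits."""
    return [name for name, rule in SCAN_RULES.items() if rule.search(resp.body)]


def relay(req, send_to_target):
    """Forward the exchange and return (original response, verdict, rule hits).

    The original response object is handed back untouched for the client;
    only a deep copy is inspected, as step 308 describes.
    """
    original = send_to_target(req)
    if not needs_scan(req):
        return original, "skipped", []
    duplicate = copy.deepcopy(original)
    hits = match_rules(duplicate)
    return original, ("vulnerable" if hits else "normal"), hits


def fake_target(req):
    """Constructed stand-in for the target server of the test system."""
    if req.path.startswith("/report"):
        return Response(500, {"Content-Type": "text/html"},
                        b"<pre>You have an error in your SQL syntax near line 1</pre>")
    if req.path.endswith(".png"):
        return Response(200, {"Content-Type": "image/png"}, b"\x89PNG constructed")
    return Response(200, {"Content-Type": "application/json"}, b'{"ok": true}')


if __name__ == "__main__":
    for path in ("/report?id=7", "/static/logo.png", "/api/profile"):
        resp, verdict, hits = relay(Request("GET", path), fake_target)
        print(path, resp.status, verdict, hits)
```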
Based on the embodiment shown in Fig. 2, and referring specifically to Fig. 4, another embodiment of the data scanning method in the embodiments of this application includes:
401. The client sends an HTTP request packet to the scanning server.
While system testers are testing the product under test, the client in the test system sends an HTTP request packet to the scanning server.
In this embodiment, the HTTP request packet sent by the client may request many kinds of information; for example, it may be an HTTP request packet for requesting picture information, for requesting video information, or for requesting voice information. The specific case is not limited here.
402. The scanning server sends the HTTP request packet to the target server.
The scanning server sends the HTTP request packet to the target server.
In this embodiment, when the scanning server sends the target HTTP request packet to the target server, the request type of the target HTTP request packet may be a GET request or a POST request; this is not specifically limited here. The target HTTP request packet also carries a COOKIE field.
403. The target server responds to the HTTP request packet by generating a response data packet.
After receiving the HTTP request packet, the target server parses it to learn what information the HTTP request packet specifically requests, and then generates a response data packet for the requested information.
For example, if the information specifically requested by the HTTP request packet is program running information stored in a database, the response data packet generated by the target server will include that program running information.
404. The target server sends the response data packet to the scanning server.
The target server sends the response data packet to the scanning server.
In this embodiment, the scanning server does not intercept the response data packet; it only copies it. That is, after the target server sends the response data packet to the scanning server, the scanning server first copies the original response data packet to generate a duplicate response data packet, and then forwards the original response data packet directly to the client.
405. The scanning server judges whether the response data packet matches at least one of the vulnerability scanning rules; if so, the scanning server performs step 406; if not, the scanning server performs step 407.
The scanning server matches the response data packet against the vulnerability scanning rules one by one. If the response data packet matches at least one of the vulnerability scanning rules, the scanning server performs step 406; if the response data packet matches none of the vulnerability scanning rules, the scanning server performs step 407.
406. The scanning server determines that the function corresponding to the response data packet has a vulnerability.
When the scanning server determines that the response data packet matches at least one of the vulnerability scanning rules, the scanning server determines that the function corresponding to the response data packet has a vulnerability.
407. The scanning server determines that the function corresponding to the response data packet is normal.
When the scanning server determines that the response data packet matches none of the vulnerability scanning rules, the scanning server determines that the function corresponding to the response data packet has no vulnerability.
In this embodiment, within a test system, the scanning server obtains in real time the HTTP request packet sent by the client, determines the target HTTP request packet to be scanned according to that HTTP request packet, and sends the target HTTP request packet to the target server. After receiving the target HTTP request packet, the target server responds to it by generating a response data packet and sends the response data packet to the scanning server. The scanning server then checks the response data packet against the vulnerability scanning rules; if the response data packet matches any one of the vulnerability scanning rules, the scanning server determines that the function corresponding to the target HTTP request packet has a vulnerability. Throughout this scanning process the scanning server is part of the test system, so when system testing is carried out the scanning server runs automatically and the security audit proceeds in step with the system test, which reduces workload and improves efficiency. Moreover, because system testers are more familiar with the product under test than security auditors are, the functions covered are more comprehensive and the resources collected are richer, which improves scan quality and lowers the missed-scan rate.
Based on the description in the above embodiments, the flow of data scanning in the test system in the embodiments of this application is shown in Fig. 5:
When system testers test the product under test, they start the test system. The client then sends an HTTP request packet to the scanning server, and the scanning server captures that HTTP request packet. After obtaining the HTTP request packet, the scanning server filters it, that is, it removes the HTTP request packets that do not need a security scan, to reduce workload. After filtering out the HTTP request packets that need a security scan, the scanning server extracts the data information of each such HTTP request packet and stores the extracted data information in a database to generate a data information set. When recombining HTTP request packets, the scanning server reads each item of data information in the data information set from the database and recombines the items to generate the target HTTP request packet. The scanning server then sends the target HTTP request packet to the target server. The target server generates a response data packet for the target HTTP request packet and sends the response data packet to the scanning server. The scanning server checks whether the response data packet matches at least one of the vulnerability scanning rules; if so, it reports that the function corresponding to the response data packet has a vulnerability; if not, it ends the check of the current response data packet.
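The Fig. 5 flow described above (filter, extract and store, recombine, check the response against rules) can be sketched as follows. This is an added example, not code from the patent; the function names, the static-file extensions treated as "specific information" that needs no scan, the in-memory SQLite store and the two response rules are all assumptions made for illustration, and the sample packets are constructed.

```python
import re
import sqlite3
from urllib.parse import parse_qsl, urlencode, urlsplit

# Assumption: requests for static resources are the "specific information"
# that does not need a security scan.
STATIC_EXTENSIONS = (".png", ".jpg", ".gif", ".css", ".js", ".mp4", ".mp3")

# Constructed example rules: each one flags a response that discloses internals.
VULN_RULES = {
    "sql-error-disclosure": re.compile(r"You have an error in your SQL syntax"),
    "stack-trace-disclosure": re.compile(r"Traceback \(most recent call last\)"),
}


def parse_request(raw):
    """Split a raw HTTP/1.1 request into method, path, query, headers, body."""
    head, _, body = raw.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    url = urlsplit(target)
    return {"method": method.upper(), "path": url.path, "query": url.query,
            "headers": headers, "body": body}


def needs_scan(req):
    """Filter step: only GET/POST requests for non-static resources are scanned."""
    if req["method"] not in ("GET", "POST"):
        return False
    return not req["path"].lower().endswith(STATIC_EXTENSIONS)


def open_store():
    """Create the database that holds the data information set."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE data_info (id INTEGER PRIMARY KEY, method TEXT,"
               " host TEXT, path TEXT, params TEXT, cookie TEXT)")
    return db


def capture(db, raw):
    """Filter one captured request; if it needs a scan, store its data information."""
    req = parse_request(raw)
    if not needs_scan(req):
        return False
    # GET parameters live in the query string, POST parameters in the body.
    source = req["query"] if req["method"] == "GET" else req["body"]
    params = urlencode(parse_qsl(source, keep_blank_values=True))
    db.execute("INSERT INTO data_info (method, host, path, params, cookie)"
               " VALUES (?, ?, ?, ?, ?)",
               (req["method"], req["headers"].get("host", ""), req["path"],
                params, req["headers"].get("cookie", "")))
    return True


def recombine(db):
    """Rebuild target requests from stored data, by request type, keeping the Cookie."""
    targets = []
    rows = db.execute("SELECT method, host, path, params, cookie"
                      " FROM data_info ORDER BY id")
    for method, host, path, params, cookie in rows:
        if method == "GET":
            body = ""
            target = path + ("?" + params if params else "")
            lines = [f"GET {target} HTTP/1.1", f"Host: {host}"]
        else:
            body = params
            lines = [f"POST {path} HTTP/1.1", f"Host: {host}",
                     "Content-Type: application/x-www-form-urlencoded",
                     f"Content-Length: {len(body.encode())}"]
        if cookie:
            lines.append(f"Cookie: {cookie}")
        targets.append("\r\n".join(lines) + "\r\n\r\n" + body)
    return targets


def handle_response(raw_response):
    """Return the original response untouched (for forwarding) plus matched rule names."""
    findings = [name for name, rule in VULN_RULES.items() if rule.search(raw_response)]
    return raw_response, findings


# Constructed sample traffic from a test client (host name is a placeholder).
SAMPLE_REQUESTS = [
    "GET /search?q=test&page=2 HTTP/1.1\r\nHost: shop.test.example\r\n"
    "Cookie: session=abc123\r\nUser-Agent: test-client\r\n\r\n",
    "POST /login HTTP/1.1\r\nHost: shop.test.example\r\nCookie: session=abc123\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\nContent-Length: 18\r\n\r\n"
    "user=alice&lang=en",
    "GET /static/logo.png?v=3 HTTP/1.1\r\nHost: shop.test.example\r\n\r\n",
]
SAMPLE_RESPONSE_BAD = ("HTTP/1.1 500 Internal Server Error\r\n\r\n"
                       "You have an error in your SQL syntax near 'test'")
SAMPLE_RESPONSE_OK = "HTTP/1.1 200 OK\r\n\r\n<html>2 results</html>"

if __name__ == "__main__":
    store = open_store()
    for packet in SAMPLE_REQUESTS:
        print("stored" if capture(store, packet) else "filtered out")
    for target_request in recombine(store):
        print(repr(target_request))
    print(handle_response(SAMPLE_RESPONSE_BAD)[1])
```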
The data scanning method in the embodiments of this application has been described above; the scanning server in the embodiments of this application is described below.
Referring specifically to Fig. 6, one embodiment of the scanning server in the embodiments of this application includes:
Acquisition module 601, configured to obtain the HTTP request packet sent by the client;
Determining module 602, configured to determine the target HTTP request packet to be scanned according to the HTTP request packet obtained by the acquisition module;
Sending module 603, configured to send the target HTTP request packet determined by the determining module to the target server;
Receiving module 604, configured to receive the response data packet sent by the target server, the response data packet being the data packet that the target server generates in response to the target HTTP request packet;
Processing module 605, configured to judge whether the response data packet matches at least one of the vulnerability scanning rules and, if so, to determine that the function corresponding to the response data packet has a vulnerability.
In this embodiment, within a test system, the acquisition module 601 obtains in real time the HTTP request packet sent by the client, the determining module 602 determines the target HTTP request packet to be scanned according to that HTTP request packet, and the sending module 603 sends the target HTTP request packet to the target server. After receiving the target HTTP request packet, the target server responds to it by generating a response data packet and sends the response data packet to the receiving module 604. The processing module 605 then checks the response data packet against the vulnerability scanning rules; if the response data packet matches any one of the vulnerability scanning rules, the scanning server determines that the function corresponding to the target HTTP request packet has a vulnerability. Throughout this scanning process the scanning server is part of the test system, so when system testing is carried out the scanning server runs automatically and the security audit proceeds in step with the system test, which reduces workload and improves efficiency. Moreover, because system testers are more familiar with the product under test than security auditors are, the functions covered are more comprehensive and the resources collected are richer, which improves scan quality and lowers the missed-scan rate.
Based on the scanning server shown in Fig. 6 above, and referring specifically to Fig. 7, another embodiment of the scanning server in the embodiments of this application further includes:
The determining module 602 includes:
Determining unit 6021, configured to judge whether the HTTP request packet needs to be scanned and, if so, to extract the target data information carried by the HTTP request packet;
Storage unit 6022, configured to store the target data information extracted by the processing unit in a database to generate a data information set;
Recombination unit 6023, configured to recombine each item of data information in the data information set to generate the target HTTP data packet.
Optionally, the recombination unit 6023 further includes: a reading subunit, configured to read valid data information from the data information set according to the protocol structure and request type of the HTTP request packet, the request type including the GET request type and the POST request type;
Recombination subunit, configured to recombine the target data information to generate the target HTTP data packet, the target HTTP request packet also carrying a COOKIE field.
In this embodiment, within a test system, the acquisition module 601 obtains in real time the HTTP request packet sent by the client, the determining module 602 determines the target HTTP request packet to be scanned according to that HTTP request packet, and the sending module 603 sends the target HTTP request packet to the target server. After receiving the target HTTP request packet, the target server responds to it by generating a response data packet and sends the response data packet to the receiving module 604. The processing module 605 then checks the response data packet against the vulnerability scanning rules; if the response data packet matches any one of the vulnerability scanning rules, the scanning server determines that the function corresponding to the target HTTP request packet has a vulnerability. Throughout this scanning process the scanning server is part of the test system, so when system testing is carried out the scanning server runs automatically and the security audit proceeds in step with the system test, which reduces workload and improves efficiency. Moreover, because system testers are more familiar with the product under test than security auditors are, the functions covered are more comprehensive and the resources collected are richer, which improves scan quality and lowers the missed-scan rate. In addition, the filtering that the determining unit 6021 applies to the obtained HTTP request packets effectively reduces the scanning workload, and the recombination unit 6023 recombining the data information of the HTTP request packet to generate the target HTTP request packet effectively ensures that the security test of the system proceeds in step with the functional test and expands the test resources as far as possible, which effectively improves scan quality and lowers the missed-scan rate.
Based on the scanning server shown in Fig. 7 above, and referring specifically to Fig. 8, another embodiment of the scanning server in the embodiments of this application further includes:
The determining unit 6021 includes:
Processing subunit 60211, configured to judge whether the HTTP request packet is used to request specific information; if not, the server determines that the HTTP request packet needs to be scanned, the specific information being used to indicate that the HTTP request packet does not need to be scanned.
In this embodiment, within a test system, the acquisition module 601 obtains in real time the HTTP request packet sent by the client, the determining module 602 determines the target HTTP request packet to be scanned according to that HTTP request packet, and the sending module 603 sends the target HTTP request packet to the target server. After receiving the target HTTP request packet, the target server responds to it by generating a response data packet and sends the response data packet to the receiving module 604. The processing module 605 then checks the response data packet against the vulnerability scanning rules; if the response data packet matches any one of the vulnerability scanning rules, the scanning server determines that the function corresponding to the target HTTP request packet has a vulnerability. Throughout this scanning process the scanning server is part of the test system, so when system testing is carried out the scanning server runs automatically and the security audit proceeds in step with the system test, which reduces workload and improves efficiency. Moreover, because system testers are more familiar with the product under test than security auditors are, the functions covered are more comprehensive and the resources collected are richer, which improves scan quality and lowers the missed-scan rate. In addition, the filtering that the determining unit 6021 applies to the obtained HTTP request packets effectively reduces the scanning workload, and the recombination unit 6023 recombining the data information of the HTTP request packet to generate the target HTTP request packet effectively ensures that the security test of the system proceeds in step with the functional test and expands the test resources as far as possible, which effectively improves scan quality and lowers the missed-scan rate.
Based on the scanning server shown in Fig. 6 above, and referring specifically to Fig. 9, another embodiment of the scanning server in the embodiments of this application further includes:
The sending module 603 includes:
Sending unit 6031, configured to send the HTTP request packet to the target server as the target HTTP request packet to be scanned.
Optionally, the sending module 603 is further configured to send report information, the report information being used to indicate that the function corresponding to the response data packet has a vulnerability.
In this embodiment, the sending unit 6031 sends the report information so that system testers and security auditors learn in time of the vulnerability in the function corresponding to the response data packet and can then fix the vulnerability in time.
Referring specifically to Fig. 10, in another embodiment of the scanning server in the embodiments of this application, the scanning server includes:
A transceiver 1001 and a processor 1002; the transceiver 1001 and the processor 1002 are connected to each other through a bus 1003;
The bus 1003 may be a peripheral component interconnect (PCI) bus, an extended industry standard architecture (EISA) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus and so on. For ease of representation it is drawn as a single thick line in Fig. 10, but this does not mean that there is only one bus or only one type of bus.
The processor 1002 may be a central processing unit (CPU), a network processor (NP), or a combination of a CPU and an NP.
The processor 1002 may further include a hardware chip. The hardware chip may be an application-specific integrated circuit (ASIC), a programmable logic device (PLD), or a combination thereof. The PLD may be a complex programmable logic device (CPLD), a field-programmable gate array (FPGA), generic array logic (GAL), or any combination thereof.
As shown in Fig. 10, the scanning server may also include a memory 1004. The memory 1004 may include volatile memory, such as random-access memory (RAM); it may also include non-volatile memory, such as flash memory, a hard disk drive (HDD) or a solid-state drive (SSD); the memory 1004 may also include a combination of the above kinds of memory.
Optionally, the memory 1004 may also be used to store program instructions. By calling the program instructions stored in the memory 1004, the processor 1002 can perform one or more steps of the embodiments shown in Fig. 1, Fig. 2, Fig. 3 or Fig. 4, or of optional implementations thereof, to realize the functions of the scanning server's behaviour in the above method.
The transceiver 1001 performs the following step:
Obtaining the HTTP request packet sent by the client;
The processor 1002 performs the following step:
Determining the target HTTP request packet to be scanned according to the HTTP request packet;
The transceiver 1001 also performs the following steps:
Sending the target HTTP request packet to the target server; receiving the response data packet sent by the target server, the response data packet being the data packet that the target server generates in response to the target HTTP request packet;
The processor 1002 also performs the following step:
Judging whether the response data packet matches at least one of the vulnerability scanning rules; if so, the scanning server determines that the function corresponding to the response data packet has a vulnerability.
Optionally, the processor 1002 also performs the following steps: judging whether the HTTP request packet needs to be scanned and, if so, the server extracting the target data information carried by the HTTP request packet; storing the target data information in a database to generate a data information set; and recombining each item of data information in the data information set to generate the target HTTP data packet.
Optionally, the processor 1002 also performs the following step:
Judging whether the HTTP request packet is used to request specific information and, if not, determining that the HTTP request packet needs to be scanned, the specific information being used to indicate that the HTTP request packet does not need to be scanned.
Optionally, the transceiver 1001 also performs the following step:
Sending the HTTP request packet to the target server as the target HTTP request packet to be scanned.
Optionally, the request type of the target HTTP request packet includes the GET request type and the POST request type, and the target HTTP request packet also carries a COOKIE field.
Optionally, the transceiver 1001 also performs the following step:
Sending report information, the report information being used to indicate that the function corresponding to the response data packet has a vulnerability.
In this embodiment, within a test system, the transceiver 1001 obtains in real time the HTTP request packet sent by the client, the processor 1002 determines the target HTTP request packet to be scanned according to that HTTP request packet, and the transceiver 1001 sends the target HTTP request packet to the target server. After receiving the target HTTP request packet, the target server responds to it by generating a response data packet and sends the response data packet to the transceiver 1001. The processor 1002 then checks the response data packet against the vulnerability scanning rules; if the response data packet matches any one of the vulnerability scanning rules, the scanning server determines that the function corresponding to the target HTTP request packet has a vulnerability. Throughout this scanning process the scanning server is part of the test system, so when system testing is carried out the scanning server runs automatically and the security audit proceeds in step with the system test, which reduces workload and improves efficiency. Moreover, because system testers are more familiar with the product under test than security auditors are, the functions covered are more comprehensive and the resources collected are richer, which improves scan quality and lowers the missed-scan rate. In addition, the filtering that the processor 1002 applies to the obtained HTTP request packets effectively reduces the scanning workload, and the processor 1002 recombining the data information of the HTTP request packet to generate the target HTTP request packet effectively ensures that the security test of the system proceeds in step with the functional test and expands the test resources as far as possible, which effectively improves scan quality and lowers the missed-scan rate.
Those skilled in the art will clearly understand that, for convenience and brevity of description, the specific working processes of the system, devices and units described above may be found in the corresponding processes of the foregoing method embodiments and are not repeated here.
In the several embodiments provided in this application, it should be understood that the disclosed system, devices and methods may be implemented in other ways. For example, the device embodiments described above are merely illustrative; the division into units is only a division by logical function, and other divisions are possible in an actual implementation: multiple units or components may be combined or integrated into another system, or some features may be ignored or not performed. In addition, the mutual couplings, direct couplings or communication connections shown or discussed may be indirect couplings or communication connections between devices or units through some interfaces, and may be electrical, mechanical or of other forms.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional units in the embodiments of this application may be integrated in one processing unit, each unit may exist physically on its own, or two or more units may be integrated in one unit. The integrated unit may be implemented in the form of hardware or in the form of a software functional unit.
If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of this application in essence, or the part of it that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes a number of instructions that cause a computer device (which may be a personal computer, a server, a network device or the like) to perform all or some of the steps of the methods of the embodiments of this application. The storage medium includes any medium that can store program code, such as a USB flash drive, a removable hard disk, read-only memory (ROM), random access memory (RAM), a magnetic disk or an optical disc.
The above embodiments are only intended to illustrate the technical solutions of this application, not to limit them. Although this application has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that they may still modify the technical solutions described in the foregoing embodiments or make equivalent replacements of some of their technical features, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of this application.

Claims (12)

1. A data scanning method, characterized by comprising:
Obtaining the HTTP request packet sent by a client;
Determining a target HTTP request packet to be scanned according to the HTTP request packet;
Sending the target HTTP request packet to the target server;
Receiving the response data packet sent by the target server, the response data packet being the data packet that the target server generates in response to the target HTTP request packet;
Judging whether the response data packet matches at least one of the vulnerability scanning rules and, if so, determining that the function corresponding to the response data packet has a vulnerability.
2. The method according to claim 1, characterized in that determining the target HTTP request packet to be scanned according to the HTTP request packet comprises:
Judging whether the HTTP request packet needs to be scanned and, if so, the server extracting the target data information carried by the HTTP request packet;
Storing the target data information in a database to generate a data information set;
Recombining each item of data information in the data information set to generate the target HTTP data packet.
3. The method according to claim 2, characterized in that recombining each item of data information in the data information set to generate the target HTTP data packet comprises:
Reading valid data information from the data information set according to the protocol structure and request type of the HTTP request packet, the request type including the GET request type and the POST request type;
Recombining the valid data information to generate the target HTTP data packet, the target HTTP request packet also carrying a COOKIE field.
4. The method according to claim 2, characterized in that judging whether the HTTP request packet needs to be scanned comprises:
Judging whether the HTTP request packet is used to request specific information and, if not, determining that the HTTP request packet needs to be scanned, the specific information being used to indicate that the HTTP request packet does not need to be scanned.
5. The method according to claim 1, characterized in that sending the target HTTP request packet to the target server comprises:
Sending the HTTP request packet to the target server as the target HTTP request packet to be scanned.
6. The method according to any one of claims 1 to 5, characterized in that, after determining that the function corresponding to the response data packet has a vulnerability, the method further comprises:
Sending report information, the report information being used to indicate that the function corresponding to the response data packet has a vulnerability.
7. A scanning server, characterized by comprising:
An acquisition module, configured to obtain the HTTP request packet sent by a client;
A determining module, configured to determine the target HTTP request packet to be scanned according to the HTTP request packet obtained by the acquisition module;
A sending module, configured to send the target HTTP request packet determined by the determining module to the target server;
A receiving module, configured to receive the response data packet sent by the target server, the response data packet being the data packet that the target server generates in response to the target HTTP request packet;
A processing module, configured to judge whether the response data packet matches at least one of the vulnerability scanning rules and, if so, to determine that the function corresponding to the response data packet has a vulnerability.
8. The scanning server according to claim 7, characterized in that the determining module comprises:
A determining unit, configured to judge whether the HTTP request packet needs to be scanned and, if so, to extract the target data information carried by the HTTP request packet;
A storage unit, configured to store the target data information extracted by the processing unit in a database to generate a data information set;
A recombination unit, configured to recombine each item of data information in the data information set to generate the target HTTP data packet.
9. The scanning server according to claim 8, characterized in that the recombination unit comprises:
A reading subunit, configured to read valid data information from the data information set according to the protocol structure and request type of the HTTP request packet, the request type including the GET request type and the POST request type;
A recombination subunit, configured to recombine the target data information to generate the target HTTP data packet, the target HTTP request packet also carrying a COOKIE field.
10. The scanning server according to claim 8, characterized in that the determining unit comprises:
A processing subunit, configured to judge whether the HTTP request packet is used to request specific information; if not, the scanning server determines that the HTTP request packet needs to be scanned, the specific information being used to indicate that the HTTP request packet does not need to be scanned.
11. The scanning server according to claim 7, characterized in that the sending module comprises:
A sending unit, configured to send the HTTP request packet to the target server as the target HTTP request packet to be scanned.
12. The scanning server according to any one of claims 7 to 11, characterized in that the sending module is further configured to send report information, the report information being used to indicate that the function corresponding to the response data packet has a vulnerability.
CN201710166343.9A 2017-03-20 2017-03-20 A kind of data scanning method and scanning server Pending CN106953860A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710166343.9A CN106953860A (en) 2017-03-20 2017-03-20 A kind of data scanning method and scanning server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710166343.9A CN106953860A (en) 2017-03-20 2017-03-20 A kind of data scanning method and scanning server

Publications (1)

Publication Number Publication Date
CN106953860A true CN106953860A (en) 2017-07-14

Family

ID=59473753

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710166343.9A Pending CN106953860A (en) 2017-03-20 2017-03-20 A kind of data scanning method and scanning server

Country Status (1)

Country Link
CN (1) CN106953860A (en)

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103428249A (en) * 2012-05-23 2013-12-04 腾讯科技(深圳)有限公司 Collecting method and processing method for HTTP request packet, system and server
CN104836695A (en) * 2014-02-11 2015-08-12 腾讯科技(深圳)有限公司 Security scanning method in system testing process and testing server
CN105516131A (en) * 2015-12-04 2016-04-20 珠海市君天电子科技有限公司 Vulnerability scanning method and device and electronic equipment

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107579983A (en) * 2017-09-13 2018-01-12 杭州安恒信息技术有限公司 Code security auditing method and device based on web log file
CN107832617A (en) * 2017-09-15 2018-03-23 北京知道未来信息技术有限公司 A kind of PHP code performs the black box detection method and device of leak
CN107832617B (en) * 2017-09-15 2021-03-30 北京知道未来信息技术有限公司 Black box detection method and device for PHP code execution vulnerability
WO2019184664A1 (en) * 2018-03-26 2019-10-03 华为技术有限公司 Method, apparatus, and system for detecting malicious file
US11836253B2 (en) 2018-03-26 2023-12-05 Huawei Technologies Co., Ltd. Malicious file detection method, device, and system
CN109525679A (en) * 2019-01-08 2019-03-26 郑州云海信息技术有限公司 A kind of web file server test method based on http protocol
CN111859404A (en) * 2020-07-30 2020-10-30 中国工商银行股份有限公司 Method, device, electronic equipment and medium for detecting system vulnerability of computer
CN111859404B (en) * 2020-07-30 2023-09-05 中国工商银行股份有限公司 Method, device, electronic equipment and medium for detecting system loopholes of computer
CN112115470A (en) * 2020-09-15 2020-12-22 安徽长泰信息安全服务有限公司 Safety management auditing system based on data scanning, monitoring and evaluation

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170714