The Analysis and Comparison of Website Security Scanning Products

doi:10.3969/j.issn.1671-1122.2014.09.041

Abstract

Abstract: With the rapid development of the internet, the problems of Web security are more and more serious, almost everyday lots of websites have been tampered, or injected with trojans horse, backdoors and other malicious programs. The scanning products of website security have sprung up, although these products cannot protect websites, they can help administrators understand vulnerabilities and security risks. But how to define the quality of these products? In this paper, website security scanning principles are explained in detail, after the comparative analysis, some suggestions on how to improve the capability of website security scanner are put forward.

Key words: vulnerability, Web spider, SQL injection, XSS vulnerability

DI Hong-bo, YU Shao-hui, SU Ji-cheng. The Analysis and Comparison of Website Security Scanning Products[J]. 信息网络安全, 2014, 14(9): 180-183.

[1]	ZHAO Zhiyan, JI Xiaomo. Research on the Intelligent Fusion Model of Network Security Situation Awareness [J]. Netinfo Security, 2020, 20(4): 87-93.
[2]	DUAN Bin, LI Lan, LAI Jun, ZHAN Jun. Research on Hardware Vulnerabilities Mining Method for Industrial Control Device Based on Dynamic Taint Analysis [J]. 信息网络安全, 2019, 19(4): 47-54.
[3]	HU Jianwei, ZHAO Wei, YAN Zheng, ZHANG Rui. Analysis and Implementation of SQL Injection Vulnerability Mining Technology Based on Machine Learning [J]. Netinfo Security, 2019, 19(11): 36-42.
[4]	WEN Weiping, LI Jingwei, JIAO Yingnan, LI Hailin. A Vulnerability Detection Method Based on Random Detection Algorithm and Information Aggregation [J]. 信息网络安全, 2019, 19(1): 1-7.
[5]	ZHAO Jian, WANG Rui, LI Siqi. Research on Smart Home Vulnerability Mining Technology Based on Taint Analysis [J]. 信息网络安全, 2018, 18(6): 36-44.
[6]	REN Xiaoxian, CHEN Jie, LI Chenyang, YANG Yixian. Hazard Assessment of IoT Vulnerabilities Correlation Based on Risk Matrix [J]. 信息网络安全, 2018, 18(11): 81-88.
[7]	DA Xiaowen, MAO Limin, WU Mingjie, GUO Min. Research on a Vulnerability Location Technology Based on Patch Matching and Static Taint Analysis [J]. 信息网络安全, 2017, 17(9): 5-5.
[8]	YANG Lianqun, MENG Kui, WANG Bin, HAN Yong. A New Detection Technique of SQL Injection Based on Hidden Markov Mode [J]. 信息网络安全, 2017, 17(9): 115-118.
[9]	WANG Xiajing, HU Changzhen, MA Rui, GAO Xinzhu. A Survey of the Key Technology of Binary Program Vulnerability Discovery [J]. 信息网络安全, 2017, 17(8): 1-13.
[10]	PENG Jianshan, XI Qi, WANG Qingxian. Automatic Exploitation of Integer Overflow Vulnerabilities in Binary Programs [J]. 信息网络安全, 2017, 17(5): 14-21.
[11]	ZHU Shuai, LUO Senlin, KE Dongxiang. Research on Automatic Building Approach of Windows Shellcode [J]. 信息网络安全, 2017, 17(4): 15-25.
[12]	LI Hongling, ZOU Jianxin. Research of SQL Injection Detection Based on SVM and Text Feature Extraction [J]. 信息网络安全, 2017, 17(12): 40-46.
[13]	LIU Fengyu, XIE Wei. Research on DLL Loading Vulnerability Defense Technology Based on Signature Verification [J]. 信息网络安全, 2017, 17(11): 62-66.
[14]	YU Shiyuan, WANG Yutian, LIU Xin. Burpsuite Extender Apply in Vulnerability Scanning [J]. 信息网络安全, 2016, 16(9): 94-97.
[15]	WANG Wenxu, ZHANG Jian, CHANG Qing, GU Zhaojun. Research on the Security Problem of Cloud Computing Virtualization Platform [J]. 信息网络安全, 2016, 16(9): 163-168.

The Analysis and Comparison of Website Security Scanning Products

RichHTML

PDF (PC)

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments