Vulnerability association method and system of Web application, electronic equipment and storage medium

Vulnerability association method and system of Web application, electronic equipment and storage medium

The invention relates to a vulnerability association method and system of a Web application, electronic equipment and a storage medium. The vulnerability association method of the Web application specifically comprises the following steps: adding a Hook JS into an HTML file; the Hook JS extracts DOM...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: WANG JIANFENG, FAN BINGHUA, XIONG KUI, JEONG JI-YOUNG, XU FENG
Format: Patent
Sprache:chi ; eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The invention relates to a vulnerability association method and system of a Web application, electronic equipment and a storage medium. The vulnerability association method of the Web application specifically comprises the following steps: adding a Hook JS into an HTML file; the Hook JS extracts DOM information from the HTML file according to the user instruction, wherein the DOM information comprises instruction coordinates; performing page rendering based on a user instruction, when the security monitoring tool monitors vulnerability information, rendering the DOM information to generate a page file, and marking the page file based on instruction coordinates; and associating the page file with the vulnerability information. According to the method, the front-end JS Hook and DOM operation technologies are utilized to realize front-end and back-end association, so that the corresponding relationship between the specific URL for triggering the vulnerability and the browser page is clear at a glance, research p