| With the growth of Internet popularity and the rapid evolution of Web technologies,challenges to online security become more and more serious.With the continuous deepening of information construction and the improvement of Web technology,Web application platform has been widely used in the field of e-government and e-commerce.Web technologies,in large part,changing the way people communicate and work.However,these new technologies have also brought unprecedented security risk while bringing convenience to the development of commercial activities.Existing XSS vulnerability detection technology is not perfect.For example,there is a need to open source code,the slow speed of detection and high rate of missing report.Therefore,it is necessary to do further research.XSS vulnerability detection principle,Technology and Research conducted in-depth study and research.The main work of this paper are as follows:Firstly,the Web crawler design.Compared to the common web crawler,my own crawler improve the efficiency,which has been optimized to our needs,eliminating the need for a lot of unnecessary pages crawling.So it saves a lot of time and system resources,so that the running time is shorter.What's more important,the crawling results are more in line with our requirements.The key part of this tool,vulnerability mining module design and implementation of and including URL Redirection Vulnerability mining module,reflective XSS vulnerability mining module and Post XSS vulnerability mining module.Test of the vulnerability mining tools,including scanning large portal,and comparing the result with the results of other existing vulnerability mining tools.Do a demo of making use of XSS vulnerability. |
PDF Full Text Request