| With the further development of the Internet,social networks,e-commerce,online banking and other websites are circulating 100 million levels of enterprise and user information every day.The loopholes in the website itself will lead to the leakage of sensitive information,so the scanning of network vulnerabilities is very important.Through the investigation and analysis of the vulnerability scanning technology,the URL and vulnerability scanning parts of the crawling web page are optimized.On the one hand,this paper uses the Farm Hash algorithm compression combined with the bloom filter to carry out the URL weight removal,which reduces the time and space complexity,and improves the crawler crawling speed and the scanning speed of the vulnerability scanner.On the other hand,this paper uses dynamic link library and plug-in technology to design and implement vulnerability scanning library,built-in more than 80 vulnerability scanning plug-ins,and support user-defined scanning plug-ins to achieve high scalability of vulnerability scanners.Based on the above optimization scheme,a lightweight vulnerability scanner is designed and implemented in this paper.The vulnerability scanner consists of four modules: command-line parsing and configuration module,crawler module,vulnerability scanning module,scanning report module.The user starts the task by typing the command from the command line,the system parses the command line and initializes the configuration with the configuration file,then the system calls the crawler module to crawl according to the configuration url,dynamically loads the scan plug-in according to the configuration and crawling url,and finally the scan report module integrates the crawl result and scan result.Unified output result text to the user,complete the scan.Finally,we test each function module of the vulnerability scanner,and find that it can run well,and have certain fault tolerance,then build the target machine to carry on the vulnerability scanning test,the result shows that the vulnerability scanner can scan the vulnerability and has good performance,so the vulnerability scanner function in this paper is perfect and has certain availability. |