【摘要】 随着Web应用的不断深化和推广,对应的Web漏洞和恶意攻击层出不穷,使得高效、准确地测试评估Web应用程序的安全性尤为重要。本文对Web应用安全测试技术,构建插件式、可扩展的安全测试技术框架,以及未知漏洞智能发掘方法和支持自定义的测试工具集成方法等关键技术进行了研究。在Web应用运行前和运行时,采用平台对其进行安全扫描和风险发现,可加强Web应用的安全检测,确保Web应用的安全可靠运行。更多还原

【Abstract】 Along with the development of Web application, it is urgent to test and evaluate the security of Web application efficiently to withstand the vulnerabilities. In this paper, key technologies like the detection framework with plug-ins、methods for discovering unknown vulnerabilities and mode of detection tools integration by user-defined are researched. Applying these technologies, the platform is able to scan and discover the vulnerabilities efficiently for Web application before and on running to insure its security.更多还原