发明名称 |
Security scan based on dynamic taint |
摘要 |
Example embodiments disclosed herein relate to generating a scanning strategy based on a dynamic taint module. A dynamic taint module associated with an application is caused to be initiated for a crawling phase of a security test. A report is received from the dynamic taint module. The dynamic taint module is restricted. The scanning strategy is based on the report. |
申请公布号 |
US9558355(B2) |
申请公布日期 |
2017.01.31 |
申请号 |
US201214424401 |
申请日期 |
2012.08.29 |
申请人 |
HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP |
发明人 |
Madou Matias;Sum Sam Ng Ming |
分类号 |
G06F21/00;G06F21/57;H04L29/06;G06F17/30 |
主分类号 |
G06F21/00 |
代理机构 |
Hewlett Packard Enterprise Patent Department |
代理人 |
Hewlett Packard Enterprise Patent Department |
主权项 |
1. A computing system comprising:
an application security scanner including at least one hardware processor and a machine-readable storage medium storing instructions that, when executed by the at least one hardware processor, cause the at least one hardware processor to: cause a dynamic taint module associated with the application security scanner to initiate a crawl phase of a security test for an application under test to execute at a server separate from the scanner, wherein the dynamic taint module is executed at the server, wherein the dynamic taint module is to: intercept program execution of the application under test during the crawl phase to determine a plurality of security vulnerability candidates, wherein the dynamic taint module is to mark a plurality of untrusted user inputs as taint sources and trace the respective untrusted user inputs to determine whether the respective untrusted user input lead to a function call associated with vulnerability; wherein the security test includes the crawl phase and an attack; perform a dynamic taint analysis by the dynamic taint module as part of the crawl phase of the security test; receive a report including the security vulnerability candidates from the dynamic taint module; cause restriction of the dynamic taint module; and generate a scanning strategy based on the security vulnerability candidates from the report received from the dynamic taint module to use in the attack. |
地址 |
Houston TX US |