Internet security analysis system and process
Abstract
An automated Web security analysis system and process identifies security vulnerabilities in a target Internet Web site by parsing through the target Web site to search for a predetermined list of common security vulnerabilities. The process is recursive, exploiting information gathered throughout the process to search for additional security vulnerabilities. A prioritized list of detected security vulnerabilities is then presented to a user, including preferably a list of recommendations to eliminate the detected security vulnerabilities.
66 Claims
1. A process of detecting security vulnerabilities present in a target Web site, comprising:
establishing an Internet connection with the target Web site;
retrieving a default Web page for the target Web site;
parsing through the default Web page to identify any linked-to Web pages or objects which are included in the default Web page;
automatically passing an authorized username and password to the target Web site, if required to gain access to the target Web site;
scanning the target Web site for at least one known exploit in order to identify security vulnerabilities;
applying at least one predetermined hack method to the target Web site in order to identify security vulnerabilities; and
outputting the security vulnerabilities.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13

14. A process of detecting security vulnerabilities present in a target Web site, comprising:
establishing an Internet connection with the target Web site;
retrieving a default Web page for the target Web site;
parsing through the default Web page to identify any linked-to Web pages or objects which are included in the default Web page, wherein the parsing includes performing a keyword search in order to detect at least one point of interest;
scanning the target Web site for at least one known exploit in order to identify security vulnerabilities;
applying at least one predetermined hack method to the target Web site in order to identify security vulnerabilities; and
prioritizing the security vulnerabilities.
Dependent claims: 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25

26. A process of detecting security vulnerabilities present in a target Web site, comprising:
establishing an Internet connection with the target Web site;
retrieving a default Web page for the target Web site;
parsing through the default Web page to identify any linked-to Web pages or objects which are included in the default Web page;
scanning the target Web site for at least one known exploit in order to identify security vulnerabilities;
applying at least one predetermined hack method to the target Web site in order to identify security vulnerabilities, wherein the applying at least one predetermined hack method includes attempting to access unauthorized files located outside the target Web site's root directory; and
outputting the security vulnerabilities.
Dependent claims: 27, 28, 29, 30, 31, 32, 33, 34, 35, 36

37. A system for detecting security vulnerabilities present in a target Web site, comprising:
memory for storing:
    a Web page database;
    at least one exploit; and
    a security vulnerability database; and
a processor connected to the memory and being configured to:
    establish an Internet connection with the target Web site;
    retrieve a default Web page for the target Web site;
    parse through the default Web page to identify any linked-to Web pages or objects which are included in the default Web page;
    automatically pass an authorized username and password to the target Web site, if required to gain access to the target Web site;
    scan the target Web site for at least one known exploit in order to identify security vulnerabilities;
    apply at least one predetermined hack method to the target Web site in order to identify security vulnerabilities; and
    prioritize the security vulnerabilities.
Dependent claims: 38, 39, 40, 41, 42, 43, 44, 45, 46

47. A system for detecting security vulnerabilities present in a target Web site, comprising:
memory for storing:
    a Web page database;
    at least one exploit; and
    a security vulnerability database; and
a processor connected to the memory and being configured to:
    establish an Internet connection with the target Web site;
    retrieve a default Web page for the target Web site;
    parse through the default Web page to identify any linked-to Web pages or objects which are included in the default Web page, wherein the parsing includes performing a keyword search in order to detect at least one point of interest;
    scan the target Web site for at least one known exploit in order to identify security vulnerabilities;
    apply at least one predetermined hack method to the target Web site in order to identify security vulnerabilities; and
    output the security vulnerabilities.
Dependent claims: 48, 49, 50, 51, 52, 53, 54, 55, 56, 57

58. A system for detecting security vulnerabilities present in a target Web site, comprising:
memory for storing:
    a Web page database;
    at least one exploit; and
    a security vulnerability database; and
a processor connected to the memory and being configured to:
    establish an Internet connection with the target Web site;
    retrieve a default Web page for the target Web site;
    parse through the default Web page to identify any linked-to Web pages or objects which are included in the default Web page;
    scan the target Web site for at least one known exploit in order to identify security vulnerabilities;
    apply at least one predetermined hack method to the target Web site in order to identify security vulnerabilities, wherein the applying at least one predetermined hack method includes attempting to access unauthorized files located outside the target Web site's root directory; and
    output the security vulnerabilities.
Dependent claims: 59, 60, 61, 62, 63, 64, 65, 66
Specification