最好的web漏洞扫描器应该是什么样的?
什么是漏洞扫描器?
它有漏洞扫描器和一系列的安全工具。
It has a Vulnerability Scanner and a series of security tools.
Web漏洞扫描器能帮助我们修补漏洞吗?
Can web vulnerability scanners help you remediate the vulnerability?
如何获知哪一款web漏洞扫描器适合需要?
How can I find out which web vulnerability scanner best suites my needs?
对于正在评估web漏洞扫描器的人应该读读这篇访谈文章。
A must read interview for anyone who is interested in evaluating web vulnerability scanners.
其次,你应该检查web漏洞扫描器发现了多少实际存在的漏洞。
Secondly, you should also check how many actual vulnerabilities the web vulnerability scanner discovered.
很多软件公司开发出web漏洞扫描器,然后给你试用版的许可证。
Most of the software companies developing web vulnerability scanners will willingly give you evaluation licenses.
本文提出了基于端口扫描和插件的网络漏洞扫描器模型。
The network vulnerability scanner based on port scanning and plugin is proposed in this article.
你也能在互联网上找到很多关于web漏洞扫描器的信息和他们的性能指标。
You can also find a lot of information on the Internet about web vulnerability scanners and their performance.
利用多线程技术实现了CGI漏洞扫描器,扫描速度快且易于漏洞扩展。
A scanner of holes in CGI is implemented in multi-thread technology. Its scan speed is very quick and holes are easily extended.
Web漏洞扫描器是功能复杂的软件,用它去发现站点中的漏洞的过程是漫长而艰辛的。
A web vulnerability scanner is a complex piece of software, and discovering vulnerabilities in a website can be a difficult and long process.
简言之,漏洞扫描器是专门设计用于查找和暴露应用程序和操作系统中的弱点的软件。
Simply put, a vulnerability scanner is a piece of software specifically designed to search for and reveal weaknesses in an application or operating system.
在这篇访谈中,我们谈论了选择web漏洞扫描器的过程以及在选择的过程中应该注意的因素。
In this interview we discuss the process of choosing a web vulnerability scanner and underline several factors that should be taken into consideration in the decision-making process.
Metasploit比常规漏洞扫描器更进一步:它支持您研究自己的攻击和交付机制。
Metasploit goes a step beyond regular vulnerability scanners: it provides you the ability to develop your own exploits and delivery mechanisms.
Nessus漏洞扫描器提供几个重要的扫描特性,比如高速发现、资产概况和漏洞分析。
The Nessus vulnerability scanner provides several important scanning features, such as high-speed discovery, asset profiling, and vulnerability analysis.
Nessus漏洞扫描器提供几个重要的扫描特性,比如高速探测、资产分析和漏洞分析。
The Nessus vulnerability scanner provides several important scanning features, such as high-speed discovery, asset profiling, and vulnerability analysis.
漏洞扫描器类似于其他类型的扫描器——例如,端口扫描器有助于保障端口上的网络和系统的安全。
A vulnerability scanner is similar to other types of scanners-for example, port scanners help secure the network and the systems on it.
一些商业web漏洞扫描器也会根据安全建议提供一些关于这个漏洞的参考链接,帮助你发现你需要的信息。
Some of the commercial web vulnerability scanners out there also suggest a number of web links when a vulnerability is reported, where you can usually find all the information you need.
最好的找到一款适合你的web漏洞扫描器软件套装的方法是,当你的站点出现问题的时候它能帮助你把站点变的安全。
The best way to find out which web vulnerability scanner suites your needs is to get your hands dirty and try them out yourself against a real life website that you will be securing.
这个抓取的过程在扫描过程中是至关重要的一步,因此你要确定web漏洞扫描器能够抓取关于站点的所有对象和输入点。
The crawling process is the most crucial part of the scan, so you should always make sure that the web vulnerability scanner is able to crawl all of the website’s objects and inputs.
利用漏洞扫描器及入侵检测系统的统计结果两方面信息 ,提出了应用模糊信息融合对安全漏洞进行定性评估的方法 。
This paper made use of statistical results of vulnerability scanner and intrusion detection systems and presented method of qualitative evaluation of security vulnerability based on fuzzy data fusion.
在这种情况下,你就要手动进行渗透测试了——web漏洞扫描器的目的在于减轻你的工作,使你更有效率——而不是浪费你的时间。
In such cases, you might as well do the penetration test manually - a web vulnerability scanner's purpose is to ease your job and help you be more productive - not to waste your time.
一款自动化web漏洞扫描器会很好的帮助你发现这个参数,并理解web应用是如何运用参数的,但是它永远不能发现应用中的缺陷。
An automated web vulnerability scanner will definitely help you discover this parameter, understand how the web application works and USES such a parameter, but it will never discover flaw in it.
你一定不希望一个扫描器误报给你一大堆错误漏洞,然后让你一个一个的去检查。
You do not want a scanner to report a large number of false positives because then you have to check each one by yourself.
这个扫描器可能试图研究漏洞(如果支持该特性),但这取决于扫描器的先进程度。
Depending on how advanced the scanner is, the software may attempt to exploit vulnerabilities (if this feature is supported).
黑客入侵的一般过程:首先,攻击者随机或者有针对性地利用扫描器去发现互联网上那些有漏洞的机器。
Hackers general process: first, the attacker random or purposeful use scanners to find the Internet those a loophole machine.
黑客入侵的一般过程:首先,攻击者随机或者有针对性地利用扫描器去发现互联网上那些有漏洞的机器。
Hackers general process: first, the attacker random or purposeful use scanners to find the Internet those a loophole machine.
应用推荐