文件名称:WEB
介绍说明--下载内容均来自于网络,请自行研究使用
在针对ELF文件 PE文件(.exe与.dll)的漏洞挖掘过程中,出现了很多的漏洞挖掘
技术,但是针对PE文件 ELF文件的漏洞挖掘始终停留在了黑盒测试(包括单元黑盒测试)
源代码审计等办法.通过RATS等源代码审计软件可以找到部分源代码级别的漏洞信息,
但是毕竟源代码审计软件寻找的多数为strcpy memcpy等存在缓冲区溢出遗患的C函数,所以通过审计源代码的办法来进行漏洞挖掘是一个可能性系数很小的漏洞挖掘技术-Loopholes for the ELF file PE file (. Exe and. Dll) mining process, there has been a lot of loopholes in mining technology, but digging for loopholes in the PE file ELF file always stay in the black-box testing (including unit black box testing) The source code audit approach. RATS audit software source code can be found in the part of the source code level vulnerability information, but, after all, the audit software source code to find the majority of C function strcpy memcpy there a buffer overflow Aftermath, so by the audit source code approach to vulnerability mining is a very small probability coefficient loophole mining techniques
技术,但是针对PE文件 ELF文件的漏洞挖掘始终停留在了黑盒测试(包括单元黑盒测试)
源代码审计等办法.通过RATS等源代码审计软件可以找到部分源代码级别的漏洞信息,
但是毕竟源代码审计软件寻找的多数为strcpy memcpy等存在缓冲区溢出遗患的C函数,所以通过审计源代码的办法来进行漏洞挖掘是一个可能性系数很小的漏洞挖掘技术-Loopholes for the ELF file PE file (. Exe and. Dll) mining process, there has been a lot of loopholes in mining technology, but digging for loopholes in the PE file ELF file always stay in the black-box testing (including unit black box testing) The source code audit approach. RATS audit software source code can be found in the part of the source code level vulnerability information, but, after all, the audit software source code to find the majority of C function strcpy memcpy there a buffer overflow Aftermath, so by the audit source code approach to vulnerability mining is a very small probability coefficient loophole mining techniques
(系统自动生成,下载前可以参看下载内容)
下载文件列表
WEB漏洞挖掘技术.txt