摘要
使用集成框架技术提升Web系统的开发效率,成为更多软件开发设计人员的首选.当下,网络安全的重要性已渗透到社会生活的方方面面,而用于发现网站安全漏洞的渗透测试系统还不是很多.为此,本文以网络安全渗透测试系统的开发研究为目标,使用Spring、SpringMVC和MyBatis框架技术,对系统的层次及功能进行划分和说明,而后进行系统的设计实现,最后以该系统作为平台测试发现了某网站页面存在假冒登陆漏洞的事实,并给出了针对性的防范建议.
Using integrated framework technology can improve the development efficiency of web system,which has become the first choice of more and more software developers and designers.At present,the importance of network security has penetrated into all aspects of social life,and there are not many penetration testing systems used to detect website security vulnerabilities.Therefore,this paper takes the development and research of network security penetration testing system as the goal,uses Spring,Spring MVC and MyBatis framework technology to divide and explain the level and function of the system,and then designs and implements the system.Finally,the system is used as a platform to test the fact that a website page has a fake login vulnerability,and this paper gives some targeted preventive suggestions.
作者
陈志伟
CHEN Zhiwei(Department of Automation Engineering,Fujian Forestry Vocational and technical college,Nanping Fujian 353000,China)
出处
《鞍山师范学院学报》
2021年第2期57-60,共4页
Journal of Anshan Normal University
关键词
SSM框架技术
网络安全
渗透测试
漏洞
SSM framework technology
Network security
Penetration testing
Vulnerability
作者简介
陈志伟(1983-),男,福建福州人,福建林业职业技术学院自动化工程系讲师、工程师,主要从事网络信息安全方向.
