
dast-engine-evaluation.md

DAST引擎能力评价体系
graph LR
%% Capability checklist for evaluating a black-box (DAST) scanning engine, drawn as a left-to-right tree.
%% Root label: "black-box scanning engine evaluation framework". Node ids appear to encode
%% tree depth (L<n>) and a running row number (H<n>); labels are repeated on every edge.

%% --- Request mutation ("改包能力"): which parts of a request the engine can rewrite ---
L1H1["黑盒扫描引擎评价体系"]==>L2H1["改包能力"]
%% URL path, then URL query parameters (key / value; value may be embedded JSON, embedded XML, or a plain value).
L2H1["改包能力"]==>L3H1["url path"]
L2H1["改包能力"]==>L3H2["url参数"]
L3H2["url参数"]==>L4H2["key"]
L3H2["url参数"]==>L4H3["value"]
L4H3["value"]==>L5H3["value中的json"]
L4H3["value"]==>L5H4["value中的xml"]
L4H3["value"]==>L5H5["常规value"]
%% Headers: header key / value, plus keys and values inside the Cookie header.
L2H1["改包能力"]==>L3H6["header"]
L3H6["header"]==>L4H6["key"]
L3H6["header"]==>L4H7["value"]
L3H6["header"]==>L4H8["cookie中的key"]
L3H6["header"]==>L4H9["cookie中的value"]
%% Request body: key=value form data, JSON (key, value, n-th list element),
%% XML (tag value, attribute key, attribute value), file-upload format, binary stream, setting multiple values.
%% NOTE(review): the file-upload item presumably means multipart bodies; the chart does not say — confirm.
L2H1["改包能力"]==>L3H10["requestBody"]
L3H10["requestBody"]==>L4H10["key=value"]
L4H10["key=value"]==>L5H10["key"]
L4H10["key=value"]==>L5H11["value"]
L3H10["requestBody"]==>L4H12["json"]
L4H12["json"]==>L5H12["key"]
L4H12["json"]==>L5H13["value"]
L4H12["json"]==>L5H14["列表第n个值"]
L3H10["requestBody"]==>L4H15["xml"]
L4H15["xml"]==>L5H15["标签值"]
L4H15["xml"]==>L5H16["标签属性的key"]
L4H15["xml"]==>L5H17["标签属性的value"]
L3H10["requestBody"]==>L4H18["文件上传格式"]
L3H10["requestBody"]==>L4H19["二进制流"]
L3H10["requestBody"]==>L4H20["设置多个值"]
%% Request method. Only GET/POST/PUT/DELETE are listed.
%% NOTE(review): PATCH, HEAD and OPTIONS are absent; confirm whether they are out of scope for the evaluation.
L2H1["改包能力"]==>L3H21["请求方法"]
L3H21["请求方法"]==>L4H21["GET"]
L3H21["请求方法"]==>L4H22["POST"]
L3H21["请求方法"]==>L4H23["PUT"]
L3H21["请求方法"]==>L4H24["DELETE"]

%% --- Request sending ("发包能力"): concurrency limit and maximum QPS under fixed hardware/network resources ---
%% NOTE(review): a configurable concurrency/QPS ceiling is also what keeps a scan from degrading the system under test.
L1H1["黑盒扫描引擎评价体系"]==>L2H25["发包能力"]
L2H25["发包能力"]==>L3H25["并发数量控制"]
L2H25["发包能力"]==>L3H26["最大发包QPS(固定硬件/网络资源下)"]

%% --- Payload handling ---
%% Payload transformation: replace the parameter, append to it, wrap the payload in non-alphabetic symbols, change letter case.
%% The last item ("原型") presumably means the unmodified payload — confirm with the author.
L1H1["黑盒扫描引擎评价体系"]==>L2H27["payload"]
L2H27["payload"]==>L3H27["payload变形"]
L3H27["payload变形"]==>L4H27["替换参数"]
L3H27["payload变形"]==>L4H28["追加"]
L3H27["payload变形"]==>L4H29["payload前后增加非字母符号"]
L3H27["payload变形"]==>L4H30["大小写"]
L3H27["payload变形"]==>L4H31["原型"]
%% Payload encoding: only base64 and URL encoding are listed.
L2H27["payload"]==>L3H32["payload编码"]
L3H32["payload编码"]==>L4H32["base64"]
L3H32["payload编码"]==>L4H33["url编码"]

%% --- Response detection ("响应检测"): signals the engine can use to decide a finding ---
%% Response header matching, response body matching, status code, response time,
%% actual type of the response body, front-end rendering, and dnslog.
%% "dnslog" refers to out-of-band confirmation through a DNS callback log.
L1H1["黑盒扫描引擎评价体系"]==>L2H34["响应检测"]
L2H34["响应检测"]==>L3H34["响应header识别"]
L2H34["响应检测"]==>L3H35["响应body识别"]
L2H34["响应检测"]==>L3H36["状态码"]
L2H34["响应检测"]==>L3H37["响应时间"]
L2H34["响应检测"]==>L3H38["响应body实际类型"]
L2H34["响应检测"]==>L3H39["前端渲染"]
L2H34["响应检测"]==>L3H40["dnslog"]

%% --- Login state ("登录态"): the only criterion listed is "custom" ---
%% NOTE(review): session expiry and re-authentication during a long scan are not listed; confirm whether "custom" is meant to cover them.
L1H1["黑盒扫描引擎评价体系"]==>L2H41["登录态"]
L2H41["登录态"]==>L3H41["自定义"]

%% --- Crawler ("爬虫") ---
%% Active crawling: configurable crawl depth, cross-origin sites, crawl exclusion,
%% configurable redirect depth, supported endpoint types (HTML forms, AJAX requests), completeness of crawled pages.
%% NOTE(review): the crawl-exclusion item is the control that keeps the crawler away from paths that must not be exercised.
L1H1["黑盒扫描引擎评价体系"]==>L2H42["爬虫"]
L2H42["爬虫"]==>L3H42["主动式"]
L3H42["主动式"]==>L4H42["是否支持爬取深度配置"]
L3H42["主动式"]==>L4H43["是否支持不同源站点"]
L3H42["主动式"]==>L4H44["是否支持禁爬"]
L3H42["主动式"]==>L4H45["是否支持跳转层数配置"]
L3H42["主动式"]==>L4H46["爬取接口支持类型"]
L4H46["爬取接口支持类型"]==>L5H46["html表单"]
L4H46["爬取接口支持类型"]==>L5H47["ajax请求"]
L3H42["主动式"]==>L4H48["爬取页面完整度"]
%% Passive crawling has no sub-criteria in this chart.
L2H42["爬虫"]==>L3H49["被动式"]

%% --- Scan control ("扫描控制") ---
%% Dynamic scale-out/scale-in of scan nodes, aborting a running scan, custom scan rules, hot update of scan rules.
L1H1["黑盒扫描引擎评价体系"]==>L2H50["扫描控制"]
L2H50["扫描控制"]==>L3H50["扫描节点动态扩缩容"]
L2H50["扫描控制"]==>L3H51["是否支持扫描中止"]
L2H50["扫描控制"]==>L3H52["是否支持扫描规则自定义"]
L2H50["扫描控制"]==>L3H53["是否支持扫描规则热更新"]