基于分布式跨站脚本漏洞检测技术的研究

mong the attacks on Web applications, XSS is one of the most common security risks. Against to the low accuracy and inefficient of those cross-site scripting vulnerability detection tool, this paper proposes a distributed multi-threaded static and dynamic binding cross-site scripting vulnerability detection program, which uses a distributed architecture, multi-threaded web crawler algorithm to find XSS vulnerabilities targeting and then dynamically generate the specific XSS vulnerabilities attack vector library, and then using this attack vector library simulated attack. This can comprehensive and quickly to conduct cross-site vulnerability detection on this web. The experimental results show that the proposed scheme has a certain degree of accuracy, efficiency and scalability, it improved the detection efficiency and can detect more XSS vulnerabilities.