摘要:The number of Web controls’ security vulnerability surged with ever-changing varieties of attacks. Therefore this paper analyzes test model for Web controls’ vulnerability, and put forward a improved test model for Web controls’ vulnerability. Be aimed to test vulnerability of Web ActiveX controls combining static analysis and dynamic analysis, as well as put forward a proposal of optimizing the generation engine for test data using “heuristic rule”. Experiment results show that test model for Web controls’ vulnerability based on fuzzing is effective and feasible, and it is able to manipulate interaction problems.
关键词:Fuzzing test; Web controls; vulnerability test; vulnerability analysis