此研究不僅展示了黑箱技術在網路安全中的應用潛力,還為未來 相關領域的研究和實踐提供了寶貴的參考。 ;This study presents an automated discovery platform for web server URLs, subdomains, and paths based on black box techniques, aiming to improve website management and network security. Traditionally, discovering subdomains and paths is manual, time-consuming, and errorprone. To address this, we propose the "RuneAlpha" system, which uses advanced black-box techniques, automated tools, and fuzz testing to efficiently identify all subdomains and paths of a website without needing internal site knowledge.
The RuneAlpha system includes a management platform and the Rune scanning module, capable of automatically exploring websites to discover subdomains and potential paths. Testing on six types of websites showed that RuneAlpha significantly outperforms manual methods in effectiveness, accuracy, and completeness. The Rune scanning module combines fuzz testing and crawling techniques with other web application scanning tools to identify potential vulnerabilities. This technology offers new tools and methods for better website management and network security, helping organizations protect and manage their web resources more effectively.
This study demonstrates the potential of black-box technology in network security and provides valuable references for future research and practice.
