Abstract: A method, a client, and a system for testing an application. A webpage file includes codes for simulating a malicious attack. The method includes providing, by the test client, a network address of the webpage file to the tested application, wherein when the tested application loads the webpage file according to the network address, the tested application executes the codes comprised in the webpage file to attempt to read content of a private file in a private directory of the tested application. When the tested application successfully reads the content of the private file, the tested application transmits a message carrying the content of the private file to a test server through a local terminal device, wherein the test server determines whether the tested application has a security loophole according to the message transmitted by the tested application.

Abstract: A method, a client, and a system for testing an application. A webpage file includes codes for simulating a malicious attack. The method includes providing, by the test client, a network address of the webpage file to the tested application, wherein when the tested application loads the webpage file according to the network address, the tested application executes the codes comprised in the webpage file to attempt to read content of a private file in a private directory of the tested application. When the tested application successfully reads the content of the private file, the tested application transmits a message carrying the content of the private file to a test server through a local terminal device, wherein the test server determines whether the tested application has a security loophole according to the message transmitted by the tested application.

Abstract: A method for detecting a security vulnerability for an animation source file is provided. The method may include: decompiling the animation source file and acquiring a program structure and a syntactic model of the animation source file; converting the program structure and the syntactic model into an abstract syntax tree (AST); constructing symbol tables and function summaries based on the AST; and performing a taint backtracking on the symbol tables and the function summaries and detecting whether the animation source file has the security vulnerability according to a vulnerability rule.

Abstract: A method for detecting a security vulnerability for an animation source file is provided. The method may include: decompiling the animation source file and acquiring a program structure and a syntactic model of the animation source file; converting the program structure and the syntactic model into an abstract syntax tree (AST); constructing symbol tables and function summaries based on the AST; and performing a taint backtracking on the symbol tables and the function summaries and detecting whether the animation source file has the security vulnerability according to a vulnerability rule.