Abstract

In penetration testing practice, vulnerability verification usually relies on reproducing the exploitation process or describing the attack path. Although this method provides direct evidence of the authenticity of the vulnerability, it may also introduce additional risks if the vulnerability has not been repaired or involves sensitive systems, such as abuse of the attack method or overexposure of information about the internal system. Therefore, how to minimise information disclosure while ensuring the validity of verification has gradually become a practical problem that must be faced in the process of security assessment. Focussing on this contradiction, zero-knowledge proof provides a technical path different from the traditional way of thinking. Its basic idea is not to hide the information itself, but to change the verification method: the question of "whether the vulnerability can be triggered" is transformed into a formal proposition and verified through a proof mechanism, so that the verifier can confirm the existence of the vulnerability without the specific input, execution path or exploitation details being disclosed. Based on this idea, this article analyses the application of zero-knowledge proof to vulnerability verification in combination with the typical process of penetration testing. It focusses on the formal modelling method of the vulnerability exploitation process, the construction method of the constraint system, and the proof generation and verification mechanism, and further combines existing research to sort out the application possibilities in scenarios such as vulnerability disclosure, test result verification and software supply chain security. The analysis results show that this method has certain advantages in reducing the risk of sensitive information leakage and enhancing the independence of the verification process. It is especially suitable for environments with multi-party participation or weak trust.
However, at the same time, it still has certain limitations in terms of computing overhead, model expressiveness and engineering implementation complexity. These issues need to be weighed according to the specific scenario in practical application, and need to be further improved by follow-up research.
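The abstract describes turning "can the vulnerability be triggered?" into a formal proposition expressed as a constraint system, over which a proof is then generated and verified. The following is an added example, not code from the paper or from any proving system it discusses, showing the constraint-system construction step in isolation. It models one trigger condition, "the private payload length exceeds a fixed buffer size", as a rank-1 constraint system (R1CS) over a small prime field, using a k-bit binary decomposition as the range check that makes the inequality expressible as field equations. The class and function names (`R1CS`, `build_overflow_circuit`, `make_witness`, `violated_constraints`), the field prime and the buffer size are all hypothetical choices made here. The witness is checked in the clear, which is exactly the relation a zero-knowledge proving system would wrap: the prover would publish a proof that a satisfying witness exists, and the verifier would check the proof against the same constraints without seeing the witness.

```python
"""Toy R1CS model of a vulnerability trigger condition (added example, not from the paper)."""

P = 2**31 - 1  # constructed small prime field; real proving systems use ~254-bit fields


class R1CS:
    """Rank-1 constraint system: every constraint is (A.w) * (B.w) = (C.w) over F_P."""

    def __init__(self):
        self.names = ["ONE"]   # wire 0 is fixed to 1 so constants become linear terms
        self.constraints = []  # list of (A, B, C); each a dict {wire_index: coefficient}

    def var(self, name):
        """Allocate a named wire and return its index."""
        self.names.append(name)
        return len(self.names) - 1

    def add(self, a, b, c):
        self.constraints.append((a, b, c))

    @staticmethod
    def _lin(terms, w):
        return sum(coeff * w[i] for i, coeff in terms.items()) % P

    def unsatisfied(self, w):
        """Indices of constraints the witness w violates (empty list means satisfied)."""
        assert len(w) == len(self.names) and w[0] == 1
        return [k for k, (a, b, c) in enumerate(self.constraints)
                if (self._lin(a, w) * self._lin(b, w)) % P != self._lin(c, w)]


def build_overflow_circuit(buf_size, k):
    """Constraints encoding 'payload_len > buf_size'.

    d = payload_len - buf_size - 1 must be a non-negative integer below 2**k,
    which is enforced by requiring d to equal a k-bit binary decomposition.
    """
    cs = R1CS()
    length = cs.var("payload_len")
    d = cs.var("d")
    bits = [cs.var(f"bit{i}") for i in range(k)]
    # 1 * (payload_len - (buf_size + 1)) = d
    cs.add({0: 1}, {length: 1, 0: (-(buf_size + 1)) % P}, {d: 1})
    # every bit is boolean: bit * (1 - bit) = 0
    for b in bits:
        cs.add({b: 1}, {0: 1, b: P - 1}, {})
    # 1 * (sum bit_i * 2^i) = d, so d lies in [0, 2^k) as an integer
    cs.add({0: 1}, {b: 2**i for i, b in enumerate(bits)}, {d: 1})
    return cs


def make_witness(cs, payload_len, buf_size):
    """Prover side: derive every wire value from the private input (the payload length)."""
    idx = {n: i for i, n in enumerate(cs.names)}
    w = [0] * len(cs.names)
    w[0] = 1
    w[idx["payload_len"]] = payload_len % P
    d = (payload_len - buf_size - 1) % P
    w[idx["d"]] = d
    k = sum(1 for n in cs.names if n.startswith("bit"))
    for i in range(k):
        # For a negative or too-large d these low bits cannot sum back to d,
        # so the decomposition constraint fails and no honest witness exists.
        w[idx[f"bit{i}"]] = (d >> i) & 1
    return w


def violated_constraints(payload_len, buf_size=64, k=8):
    """Which constraints a witness built from payload_len violates; [] means provable."""
    cs = build_overflow_circuit(buf_size, k)
    return cs.unsatisfied(make_witness(cs, payload_len, buf_size))


def trigger_is_provable(payload_len, buf_size=64, k=8):
    """True iff the prover can produce a witness satisfying 'payload_len > buf_size'."""
    return violated_constraints(payload_len, buf_size, k) == []


if __name__ == "__main__":
    for n in (64, 65, 100, 321):
        print(n, "provable" if trigger_is_provable(n) else "not provable")
```

Two points the example makes that the abstract only states in general terms: the "model expressiveness" limitation is visible in the range check, since the circuit as built only covers payload lengths up to `buf_size + 2**k` and a longer payload (321 with the defaults) is rejected even though it does exceed the buffer, so the modelling step has to fix such bounds up front; and the same constraint list is what both parties agree on, which is what lets a verifier who never sees `payload_len` still be convinced that a satisfying assignment exists once a proof system is layered on top.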


Keywords: zero-knowledge proof (ZKP); penetration test; vulnerability verification; information disclosure control; software supply chain security