• Stars
    star
    242
  • Rank 167,048 (Top 4 %)
  • Language
    HTML
  • License
    Other
  • Created over 4 years ago
  • Updated about 3 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

DongTai IAST documentation.

More Repositories

1

DongTai

Dongtai IAST is an open-source Interactive Application Security Testing (IAST) tool that enables real-time detection of common vulnerabilities in Java applications and third-party components through passive instrumentation. It is particularly suitable for use in the testing phase of the development pipeline.
Python
1,233
star
2

DongTai-agent-java

Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.
Java
663
star
3

TerraformGoat

TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.
HCL
500
star
4

DongTai-SDK-Python

DongTai API SDK
Python
51
star
5

vulhub-compose

vulhub-compose是一款屏蔽docker-compose的命令行工具,目的是降低火线平台社区用户使用vulhub靶场的难度,减少学习docker-compose的时间成本;同时,支持直接安装洞态IAST(原灵芝IAST)到vulhub靶场,用于漏洞复现、漏洞挖掘。
Python
44
star
6

CloudSecWiki

CloudSecWiki is a cloud security oriented knowledge base maintained by HuoCorp.
JavaScript
42
star
7

DongTai-agent-go

Go Agent is a go application probe of DongTai IAST, which collects method invocation data during runtime of Go application by dynamic hooks.
Go
39
star
8

DongTai-agent-python

Python Agent is a Python application probe of DongTai IAST, which collects method invocation data during runtime of Python application by dynamic hooks.
C
22
star
9

DongTai-Plugin-IDEA

Dongtai-plugin-idea is an IDEA plug-in developed by DongTai team for Java Web application developers. This plug-in provides functions such as vulnerability detection and code audit during application development, enabling developers to find application vulnerabilities more intuitively, quickly and in real time during application development.
Java
22
star
10

DongTai-engine

This repository has been merged into https://github.com/HXSecurity/DongTai. DongTai-engine used to analyze the method data collected by the probe, analyze whether there are vulnerabilities in API requests through the algorithm of taint tracking, and is also responsible for timing tasks, including: expired log cleaning, probe state maintenance, data packet replay processing, etc.
Python
19
star
11

DongTai-web

dongtai web is the front-end project of "huoxian DongTaiIast" and is responsible for page display
CSS
17
star
12

DongTai-webapi

DongTai-WebAPI is the server part of the management tool of DongTai-IAST
Python
8
star
13

Dongtai-Base-Image

DongTai-Base-Image is used to build DongTai's basic services, including MySql, Redis
PLpgSQL
7
star
14

dongtai-core

Provides the Django Model class that the DongTai project depends on, the Django API abstract class of the DongTai project, the vulnerability detection engine, constants, documents, etc.
Python
5
star
15

DongTai-openapi

DongTai-openapi is used to process probe registration, issue hook strategies, receive method call data/component data/error log/heartbeat data, issue vulnerability detection tasks, issue packet replay data, etc.
Python
5
star
16

dongtai-deploy

DongTai-Deploy is used to quickly deploy DongTai.
Shell
4
star
17

DongTai-docs

TypeScript
3
star
18

DongTai-Benchmark

DongTai agent performance test
Java
2
star
19

Dongtai_USB

Go
2
star
20

DongTai-website

DongTai-website
HTML
1
star
21

DongTai-agent-java-demo

Java
1
star
22

DongTai-Doc-en

DongTai IAST documentation in English.
1
star