There are no reviews yet. Be the first to send feedback to the community and the maintainers!
DongTai
Dongtai IAST is an open-source Interactive Application Security Testing (IAST) tool that enables real-time detection of common vulnerabilities in Java applications and third-party components through passive instrumentation. It is particularly suitable for use in the testing phase of the development pipeline.DongTai-agent-java
Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.TerraformGoat
TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.DongTai-Doc
DongTai IAST documentation.vulhub-compose
vulhub-compose是一款屏蔽docker-compose的命令行工具,目的是降低火线平台社区用户使用vulhub靶场的难度,减少学习docker-compose的时间成本;同时,支持直接安装洞态IAST(原灵芝IAST)到vulhub靶场,用于漏洞复现、漏洞挖掘。CloudSecWiki
CloudSecWiki is a cloud security oriented knowledge base maintained by HuoCorp.DongTai-agent-go
Go Agent is a go application probe of DongTai IAST, which collects method invocation data during runtime of Go application by dynamic hooks.DongTai-agent-python
Python Agent is a Python application probe of DongTai IAST, which collects method invocation data during runtime of Python application by dynamic hooks.DongTai-Plugin-IDEA
Dongtai-plugin-idea is an IDEA plug-in developed by DongTai team for Java Web application developers. This plug-in provides functions such as vulnerability detection and code audit during application development, enabling developers to find application vulnerabilities more intuitively, quickly and in real time during application development.DongTai-engine
This repository has been merged into https://github.com/HXSecurity/DongTai. DongTai-engine used to analyze the method data collected by the probe, analyze whether there are vulnerabilities in API requests through the algorithm of taint tracking, and is also responsible for timing tasks, including: expired log cleaning, probe state maintenance, data packet replay processing, etc.DongTai-web
dongtai web is the front-end project of "huoxian DongTaiIast" and is responsible for page displayDongTai-webapi
DongTai-WebAPI is the server part of the management tool of DongTai-IASTDongtai-Base-Image
DongTai-Base-Image is used to build DongTai's basic services, including MySql, Redisdongtai-core
Provides the Django Model class that the DongTai project depends on, the Django API abstract class of the DongTai project, the vulnerability detection engine, constants, documents, etc.DongTai-openapi
DongTai-openapi is used to process probe registration, issue hook strategies, receive method call data/component data/error log/heartbeat data, issue vulnerability detection tasks, issue packet replay data, etc.dongtai-deploy
DongTai-Deploy is used to quickly deploy DongTai.DongTai-docs
DongTai-Benchmark
DongTai agent performance testDongtai_USB
DongTai-website
DongTai-websiteDongTai-agent-java-demo
DongTai-Doc-en
DongTai IAST documentation in English.Love Open Source and this site? Check out how you can help us