Skip to content
/ DongTai Public template
forked from j5s/DongTai

“火线~洞态IAST”是一款专为甲方安全人员、代码审计工程师和0 Day漏洞挖掘人员量身打造的辅助工具,可用于集成devops环境进行漏洞检测、作为代码审计的辅助工具和自动化挖掘0 Day。

License

Notifications You must be signed in to change notification settings

Nizernizer/DongTai

 
 

Repository files navigation

DongTai

django-project license GPL-3.0 DongTai-project

DongTai--webapi DongTai--openapi DongTai--engine DongTai--web DongTai--agent--java

中文版本(Chinese version)

About DongTai IAST

DongTai IAST is an open-source passive interactive security testing (IAST) product. It uses dynamic hooks and taint tracking algorithms to achieve universal vulnerability detection and multiples request associated with vulnerability detection (including but not limited to unauthorized vulnerabilities, overpower vulnerabilities), Third-party component vulnerability detection, etc. Currently, applications in Java and Python are supported for vulnerability detection.

Architecture

DongTai IAST has multiple basic services, including DongTai-web, DongTai-webapi, DongTai-openapi, DongTai-engine, agent, DongTai-deploy, DongTai-Base-Image and DongTai-Plugin-IDEA:

  • DongTai-web is the product page of DongTai, which is used to handle the interaction between users and cave states.
  • DongTai-webapi is responsible for handling user-related operations.
  • DongTai-openapi is used to process the registration/heartbeat/call method/third-party component/error log data reported by agent, issue hook strategy, issue probe control commands, etc.
  • DongTai-engine analyzes whether there are vulnerabilities in HTTP/HTTPS/RPC requests according to the calling method data and taint tracking algorithm, and is also responsible for other related timing tasks.
  • agent is a probe module of DongTai, including data collection terminals in different programming languages, used to collect data during application runtime and report to the DongTai-OpenAPI service.
  • DongTai-deploy is used for the deployment of DongTai IAST, including docker-compose single-node deployment, Kubernetes cluster deployment, etc. If you want a deployment plan, you can add features or contribute to the deployment plan.
  • DongTai-Base-Image contains the basic services that DongTai depends on runtime, including MySql, Redis.
  • DongTai-Plugin-IDEA is the IDEA plug-in corresponding to the Java probe. You can run the Java probe directly through the plug-in and detect the vulnerabilities directly in IDEA.

Scenario

The usage scenarios of "DongTai IAST" include but not limited to:

  • Embed the DevSecOps process to realize automatic detection of application vulnerabilities/third-party component combing/third-party component vulnerability detection.
  • Common vulnerability mining for open source software/open source components.
  • Security testing before release, etc.

Quick start

DongTai IAST supports SaaS Service and Localized Deployment. Please refer to Deployment Document for localized deployment.

1. SaaS Version

2. Localized Deployment Version [Open Source for Jointly Partnership]

Please follow the instructions bellow to apply the localized deployment version

DongTai IAST supports a variety of deployment schemes which refer to Deployment Document:

Docker-compose

$ git clone [email protected]:HXSecurity/DongTai.git
$ cd DongTai
$ chmod u+x build_with_docker_compose.sh
$ ./build_with_docker_compose.sh

How To Apply

DongTai IAST Jointly Partnership Program, registration address

Contributing

Contributions are welcomed and greatly appreciated. Further reading — CONTRIBUTING.md for details on submitting patches and contribution workflow.

Any questions? Let's discuss in #DongTai discussions

Futher Resources

About

“火线~洞态IAST”是一款专为甲方安全人员、代码审计工程师和0 Day漏洞挖掘人员量身打造的辅助工具,可用于集成devops环境进行漏洞检测、作为代码审计的辅助工具和自动化挖掘0 Day。

Resources

License

Code of conduct

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Shell 100.0%