Repository navigation
iast
- Website
- Wikipedia
Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.
xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".
Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based on specific frameworks with very limited false positives.
♾️ Collection of DevSecOps Notes + Resources + Courses + Tools
Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading
In progress. Interactive Analysis Platform for Distributed Debugging and Security Testing (IAST, SCA).
Static-Code-Analysis-Helper helps you perform static code analysis.
Contrast Security Instrumentation for Dockerized Webgoat, with lab instructions.
Dongtai-plugin-idea is an IDEA plug-in developed by DongTai team for Java Web application developers. This plug-in provides functions such as vulnerability detection and code audit during application development, enabling developers to find application vulnerabilities more intuitively, quickly and in real time during application development.
This repository has been merged into https://github.com/HXSecurity/DongTai. DongTai-engine used to analyze the method data collected by the probe, analyze whether there are vulnerabilities in API requests through the algorithm of taint tracking, and is also responsible for timing tasks, including: expired log cleaning, probe state maintenance, data packet replay processing, etc.
dongtai web is the front-end project of "huoxian DongTaiIast" and is responsible for page display
AIM (Adsorption Integrated Modules) is a collection of MATLAB based GUI modules for adsorption isotherm based fixed bed process modelling
A prototype of an Interactive Application Security Testing System