Repository navigation
iast
- Website
- Wikipedia
Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.
xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".
Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based on specific frameworks with very limited false positives.
♾️ Collection of DevSecOps Notes + Resources + Courses + Tools
Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading
Static-Code-Analysis-Helper helps you perform static code analysis.
New version in progress. Interactive Application Security Testing (IAST) platform.
Dongtai-plugin-idea is an IDEA plug-in developed by DongTai team for Java Web application developers. This plug-in provides functions such as vulnerability detection and code audit during application development, enabling developers to find application vulnerabilities more intuitively, quickly and in real time during application development.
Contrast Security Instrumentation for Dockerized Webgoat, with lab instructions.
This repository has been merged into https://github.com/HXSecurity/DongTai. DongTai-engine used to analyze the method data collected by the probe, analyze whether there are vulnerabilities in API requests through the algorithm of taint tracking, and is also responsible for timing tasks, including: expired log cleaning, probe state maintenance, data packet replay processing, etc.
IAST agent for passive interactive security testing of web applications in Python.
dongtai web is the front-end project of "huoxian DongTaiIast" and is responsible for page display
DevSecOps CI/CD plugin for generating PDF reports from application security testing tools (SARIF format).
AIM (Adsorption Integrated Modules) is a collection of MATLAB based GUI modules for adsorption isotherm based fixed bed process modelling