Repository navigation
iast
- Website
- Wikipedia
Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.
xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".
Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based on specific frameworks with very limited false positives.
♾️ Collection of DevSecOps Notes + Resources + Courses + Tools
Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading
Dongtai-plugin-idea is an IDEA plug-in developed by DongTai team for Java Web application developers. This plug-in provides functions such as vulnerability detection and code audit during application development, enabling developers to find application vulnerabilities more intuitively, quickly and in real time during application development.
Contrast Security Instrumentation for Dockerized Webgoat, with lab instructions.
🎓 Interactive Application Security Testing system that detects vulnerabilities using ML (part of thesis).
This repository has been merged into https://github.com/HXSecurity/DongTai. DongTai-engine used to analyze the method data collected by the probe, analyze whether there are vulnerabilities in API requests through the algorithm of taint tracking, and is also responsible for timing tasks, including: expired log cleaning, probe state maintenance, data packet replay processing, etc.
dongtai web is the front-end project of "huoxian DongTaiIast" and is responsible for page display
A prototype of an Interactive Application Security Testing System
A console program for lossless transliteration of Sanskrit texts from Devanagari to Latin and back using the International Alphabet of Sanskrit Transliteration (IAST).
DongTai-WebAPI is the server part of the management tool of DongTai-IAST