Kali Linux

DongTai : Open-Source Passive Interactive Security Testing (IAST) Product

DongTai IAST is an open-source passive interactive security testing (IAST) product. It uses dynamic hooks and taint tracking algorithms to achieve universal vulnerability detection and multiples request associated with vulnerability detection (including but not limited to unauthorized vulnerabilities, overpower vulnerabilities)Third-party component vulnerability detection, etc. Currently, applications in Java and Python are supported for vulnerability detection.

Project structure

.
├── deploy
├── dongtai_common common functions and classes for each service to call
├── dongtai_conf configuration files
├── dongtai_engine vulnerability detection and vulnerability processing part
├── dongtai_protocol protocols for interaction between dongtai-server and agent
├── dongtai_web api for interacting with the web
├── static static files
└── test testcases

Architecture

DongTai IAST has multiple basic services, including DongTai-webDongTai-webapiDongTai-openapiDongTai-engineagentDongTai-deployDongTai-Base-Image and DongTai-Plugin-IDEA:

  • DongTai-web is the product page of DongTai, which is used to handle the interaction between users and cave states.
  • DongTai-webapi is responsible for handling user-related operations.
  • DongTai-openapi is used to process the registration/heartbeat/call method/third-party component/error log data reported by agent, issue hook strategy, issue probe control commands, etc.
  • DongTai-engine analyzes whether there are vulnerabilities in HTTP/HTTPS/RPC requests according to the calling method data and taint tracking algorithm, and is also responsible for other related timing tasks.
  • agent is a probe module of DongTai, including data collection terminals in different programming languages, used to collect data during application runtime and report to the DongTai-OpenAPI service.
  • DongTai-deploy is used for the deployment of DongTai IAST, including docker-compose single-node deployment, Kubernetes cluster deployment, etc. If you want a deployment plan, you can add features or contribute to the deployment plan.
  • DongTai-Base-Image contains the basic services that DongTai depends on runtime, including MySql, Redis.
  • DongTai-Plugin-IDEA is the IDEA plug-in corresponding to the Java probe. You can run the Java probe directly through the plug-in and detect the vulnerabilities directly in IDEA.

Scenario

The usage scenarios of “DongTai IAST” include but not limited to:

  • Embed the DevSecOps process to realize automatic detection of application vulnerabilities/third-party component combing/third-party component vulnerability detection.
  • Common vulnerability mining for open source software/open source components.
  • Security testing before release, etc.

Quick start

DongTai IAST supports SaaS Service and Localized Deployment. Please refer to Deployment Document for localized deployment.

  • SaaS Version
  • Fill out the Online Form to register an account.
  • Log in to the [DongTai IAST] (https://iast.io).
  • Have a quick start with Online Guideline.
  • Localized Deployment Version

DongTai IAST supports a variety of deployment schemes which refer to Deployment Document:

  • Stand-alone Deployment
    • Docker-compose
    • docker – pending upgrade
  • Cluster Deployment
    • Kubernetes

Docker-compose

git clone git@github.com:HXSecurity/DongTai.git
cd DongTai
chmod u+x build_with_docker_compose.sh
./build_with_docker_compose.sh

R K

Recent Posts

Install MySQL on Ubuntu 20.04: Setup, Security, and Root Access

MySQL is the most popular open-source relational database management system. It is fast, reliable, and a…

8 hours ago

Install Git on Ubuntu 20.04: Apt, Source, and Configuration

Git is the most widely used version control system in the world. It was created by…

8 hours ago

Install Go on Ubuntu 20.04: Download, Setup, and First Program

Go (also called Golang) is an open-source programming language built by Google. It is designed to…

9 hours ago

Install VS Code on Ubuntu 20.04: Snap Package and Apt Guide

Visual Studio Code (VS Code) is an open-source code editor developed by Microsoft. It is one…

9 hours ago

Install Nginx on Ubuntu 20.04: Setup, Firewall, and Config Guide

Nginx (pronounced "engine x") is an open-source, high-performance web server and reverse proxy. It is used…

9 hours ago

Install Apache on Ubuntu 20.04: Setup and Virtual Host Guide

Apache is one of the most widely used open-source web servers in the world. It is…

1 day ago