Giter VIP home page Giter VIP logo

hxcorp / dongtai-engine Goto Github PK

View Code? Open in Web Editor NEW

This project forked from hxsecurity/dongtai-engine

0.0 0.0 0.0 16.54 MB

DongTai-engine used to analyze the method data collected by the probe, analyze whether there are vulnerabilities in API requests through the algorithm of taint tracking, and is also responsible for timing tasks, including: expired log cleaning, probe state maintenance, data packet replay processing, etc.

License: Apache License 2.0

Dockerfile 0.43% Python 90.08% Shell 0.32% HTML 9.17%

dongtai-engine's Introduction

DongTai-engine

license Apache-2.0 GitHub stars GitHub forks GitHub Contributors

django-project Release DongTai Engine Github Version Release downloads

中文版本(Chinese version)

Whit is DongTai-Engine?

DongTai-Engine is used to process the data collected by the DongTai probe, and its functions are as follows:

  1. Analyze whether there are vulnerabilities in HTTP/HTTPS/RPC requests based on method pool data and taint tracking algorithms
  2. Handle vulnerability verification requests regularly
  3. Regularly update the vulnerabilities in the components
  4. Regularly clean up expired log data
  5. Regularly maintain the status of the probe detection engine

Deploy

Basic services:MySql、Redis

The basic service configuration is as follows:

service name ip port additional
MySql 127.0.0.1 3306 account:dongtai
password:dongtai-iast
database name:dongtai_webapi
Redis 127.0.0.1 6379 password:123456
Redis db:0

Official image

  1. Pull image
$ docker pull registry.cn-beijing.aliyuncs.com/huoxian_pub/dongtai-engine:latest
  1. Create a configuration file:/etc/dongtai/config.ini,The content is as follows:
[mysql]
host = 127.0.0.1
port = 3306
name = dongtai_webapi
user = dongtai
password = dongtai-iast

[redis]
host = 127.0.0.1
port = 6379
password = 123456
db = 0

; The following content unused, keep the default
[engine]
url = http://engine_url


[smtp]
server = server
user = user
password = password
from_addr = from_addr
ssl = False
cc_addr = cc_addr

[aliyun_oss]
access_key = access_key
access_key_secret = access_key
  1. Start the dongtai-engine container and map the configuration file
$ docker run -d --name dongtai-engine -v /etc/dongtai/config.ini:/opt/dongtai/engine/conf/config.ini --restart=always secnium/iast-saas-engine:latest
  1. Start the dongtai-engine-task container and map the configuration file
$ docker run -d --name dongtai-engine-task -v /etc/dongtai/config.ini:/opt/dongtai/engine/conf/config.ini --restart=always secnium/iast-saas-engine:latest bash /opt/dongtai/engine/docker/entrypoint.sh

Build custom image

  1. Build image
$ docker build -t secnium/iast-saas-engine:latest .
  1. Create a configuration file:/etc/dongtai/config.ini,The content is as follows:
[mysql]
host = 127.0.0.1
port = 3306
name = dongtai_webapi
user = dongtai
password = dongtai-iast

[redis]
host = 127.0.0.1
port = 6379
password = 123456
db = 0

; The following content unused, keep the default
[engine]
url = http://engine_url

[smtp]
server = server
user = user
password = password
from_addr = from_addr
ssl = False
cc_addr = cc_addr

[aliyun_oss]
access_key = access_key
access_key_secret = access_key
  1. Start the dongtai-engine container and map the configuration file
$ docker run -d --name dongtai-engine -v /etc/dongtai/config.ini:/opt/dongtai/engine/conf/config.ini --restart=always secnium/iast-saas-engine:latest
  1. Start the dongtai-engine-task container and map the configuration file
$ docker run -d --name dongtai-engine-task -v /etc/dongtai/config.ini:/opt/dongtai/engine/conf/config.ini --restart=always secnium/iast-saas-engine:latest bash /opt/dongtai/engine/docker/entrypoint.sh

Contributing

Contributions are welcomed and greatly appreciated. See CONTRIBUTING.md for details on submitting patches and the contribution workflow.

Any questions? Let's discuss in #DongTai discussions

More resources

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.