DongTai-agent-java: An Overview
DongTai-agent-java is the data acquisition agent for Java applications in the DongTai IAST (Interactive Application Security Testing) ecosystem. It collects data by modifying class bytecode and sends that data to the DongTai OpenAPI service, where a cloud engine processes it to identify potential security vulnerabilities in the application.
Core Components
DongTai-agent-java comprises several key elements, each serving a distinct but related purpose:
- agent.jar: Manages the agent's life cycle and configuration. It oversees the entire process from downloading and installing the agent to starting, stopping, restarting, and finally uninstalling it. It also controls configuration such as the application's startup mode, the mode for vulnerability verification, and whether the agent is enabled.
- dongtai-core.jar: The core of the agent. It handles bytecode modification (instrumentation), data collection, and preprocessing. It also manages data reporting and keeps track of third-party components.
- dongtai-inject.jar: Injected into the Bootstrap ClassLoader so that the target application can invoke the data collection methods in iast-core.jar.
- dongtai-servlet.jar: Captures the requests sent and the responses received by the application. It supports data display and request replay.
Application Scenarios
DongTai-agent-java proves invaluable in various scenarios, including:
- DevOps: Streamlining security testing within the CI/CD pipeline.
- Pre-Deployment Security Testing: Ensuring applications are secure before going live.
- Third-party Component Management: Monitoring and managing third-party components within applications.
- Code Auditing: Conducting thorough security audits of the application code.
- 0 Day Vulnerability Hunting: Identifying zero-day vulnerabilities proactively.
Quick Start
Users interested in leveraging DongTai-agent-java are directed to the comprehensive Quick Start Guide for setup and deployment instructions.
Quick Development Steps
For those looking to contribute to or customize DongTai-agent-java, here are simplified steps:
- Fork and Clone: Fork the DongTai-agent-java repository and clone it locally:
    git clone https://github.com/<your-username>/DongTai-agent-java
- Code Modification: Modify and write the necessary code as per your requirements.
- Compile with Maven: Use Maven to compile the project:
    mvn clean package -Dmaven.test.skip=true
  Note: Ensure your JDK version is 1.8.
- File Organization: Post-compilation, a /release directory appears in your project root, containing:
    release
    ├── dongtai-agent.jar
    └── lib
        ├── dongtai-servlet.jar
        ├── dongtai-core.jar
        └── dongtai-spy.jar
- Copy Necessary Files: Move dongtai-core.jar, dongtai-spy.jar, and dongtai-servlet.jar to the temporary directory specific to your system, retrievable via Java:
    System.getProperty("java.io.tmpdir.dongtai");
- Application Testing: Test your application (e.g., SpringBoot) as follows:
    java -javaagent:/path/to/dongtai-agent.jar -Ddongtai.debug=true -jar app.jar
- Contribute: If you wish to contribute to the project, consult the contribution guide.
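The build-and-copy steps above, as an added shell example that is not from the DongTai project: it checks that release/ has the layout shown, copies the three lib jars to a destination you pass in, and verifies the copies byte-for-byte against the build output. The function names and the DEST argument are assumptions of this example; pass the temporary directory your own JVM reports.

```shell
#!/bin/sh
# Added example (not project code). Jar names are the ones the page lists
# under release/lib; DEST is whatever temporary directory your JVM reports.
LIB_JARS="dongtai-servlet.jar dongtai-core.jar dongtai-spy.jar"

# check_release RELEASE_DIR: return the number of missing or empty artifacts.
check_release() {
    rel=$1; missing=0
    for f in dongtai-agent.jar $LIB_JARS; do
        case $f in dongtai-agent.jar) p=$rel/$f ;; *) p=$rel/lib/$f ;; esac
        [ -s "$p" ] || { echo "missing or empty: $p" >&2; missing=$((missing + 1)); }
    done
    return "$missing"
}

# verify_staged RELEASE_DIR DEST: return the number of staged jars that are
# absent or differ byte-for-byte from the build output.
verify_staged() {
    rel=$1; dest=$2; bad=0
    for j in $LIB_JARS; do
        cmp -s "$rel/lib/$j" "$dest/$j" 2>/dev/null ||
            { echo "differs from build: $dest/$j" >&2; bad=$((bad + 1)); }
    done
    return "$bad"
}

# stage_libs RELEASE_DIR DEST: copy the lib jars, then confirm the copies.
stage_libs() {
    rel=$1; dest=$2
    check_release "$rel" || return 1
    mkdir -p "$dest" || return 1
    for j in $LIB_JARS; do
        cp "$rel/lib/$j" "$dest/$j" || return 1
    done
    verify_staged "$rel" "$dest"
}

# Stand-alone use: sh stage.sh ./release /path/to/tmpdir
if [ "$#" -eq 2 ]; then
    stage_libs "$1" "$2" && echo "staged and verified: $LIB_JARS"
fi
```

Rerunning verify_staged before starting the application with -javaagent confirms that the jars in the temporary directory are still the ones you built.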
Compatibility
DongTai-agent-java supports Java version 1.8 and above, and works seamlessly with major middleware applications like Tomcat, Jetty, WebLogic, WebSphere, SpringBoot, and other mainstream software.