/DongTai-agent-python

Python Agent is a Python application probe of DongTai IAST, which collects method invocation data during runtime of Python application by dynamic hooks.

Primary LanguageCApache License 2.0Apache-2.0

DongTai-agent-python

dongtai-project dongtai--agent--python

Project Introduction

Dongtai-agent-python is DongTai Iast's data acquisition tool for Python applications. In a Python application with the iast agent added, the required data is collected by rewriting class bytecode, and then the data is sent to dongtai-OpenAPI service, and then the cloud engine processes the data to determine whether there are security holes.

DongTai-agent-python

  • dongtai_agent_python/config.json For configuration DongTai-openapi Url、Token、Web-ProjectName。
  • dongtai_agent_python/cli Control the hot update of the agent version。
  • dongtai_agent_python/middleware/ Used to access different python frameworks, currently supports Django and Flask, both of which are introduced in the form of middleware。
  • dongtai_agent_python/assess/ Hook the underlying method of python according to the cloud strategy。
  • dongtai_agent_python/report/ Report the collected data of the agent to the DongTai-openapi service。

Application Scenarios

  • DevOps
  • Security test the application before it goes online
  • Third-party Component Management
  • Code audit
  • 0 Day digging

Requirements

  • Python: >=3.6
  • CPython
  • Compiling Dependencies (Agent version >= 1.1.4)
    • gcc (Linux/macOS)
    • make (Linux/macOS)
    • cmake: >= 3.6
    • Visual Studio (Windows)
    • bash (Alpine Linux)
    • libc-dev (Alpine Linux)
    • linux-headers (Alpine Linux)
  • Web Framework
    • Django: 3.0-3.2, 4.0
    • Flask: 1.0-1.2, 2.0
  • Python packages
    • psutil: >= 5.8.0
    • requests: >= 2.25.1
    • pip: >= 19.2.3

Quick Start

Please refer to the Quick Start.

Quick Development

  1. Fork the DongTai-agent-python , clone your fork: 
    git clone https://github.com/<your-username>/DongTai-agent-python
  2. Write code to your needs.
  3. Modify the configuration file dongtai_agent_python/config.json

URL and token from the hole state IAST-web page (eg: https://iast-test.huoxian.cn/deploy) > python-agent deployment page,Obtained from the shell command of downloading agent,Replace the url domain name and token respectively

  1. The project is packaged and executed in the root directory of the agent project 
    python3 setup.py sdist
  2. Install the agent
    After packaging, the dist directory will be generated, and the installation package will be found in the dist directory, Put the dongtai_agent_python.tar.gz installation package on the machine where the Web-server is located,Execute pip installation 
    pip3 install ./dongtai-python-agent.tar.gz

Project access Agent

Agent Configuration

Environment Variables

  • DEBUG mode: DEBUG=1
  • Auto Create Project: AUTO_CREATE_PROJECT=1
  • Project Name: PROJECT_NAME=Demo
  • Project Version: PROJECT_VERSION=v1.0
  • Agent Name: ENGINE_NAME=test-flask
  • Log Path: LOG_PATH=/tmp/dongtai-agent-python.log

You can also configure the value in dongtai_agent_python/config.json

  • debug
  • project.name
  • project.version
  • engine.name
  • log.log_path

Note: The priority of the system environment variable is higher than the configuration file

Django

  1. Enter the main directory of the app
  2. Open the app/settings.py file and find the line of MIDDLEWARE
  3. Insert below the line dongtai_agent_python.middlewares.django_middleware.FireMiddleware
  4. Restart app

Flask

  1. Modify the entry file of the project (such as app.py) and add the following content 
    app = Flask(__name__)

from dongtai_agent_python.middlewares.flask_middleware import AgentMiddleware
app.wsgi_app = AgentMiddleware(app.wsgi_app, app)

if __name__ == '__main__':
    app.run()
  2. Restart app