/DongTai-engine

This repository has been merged into https://github.com/HXSecurity/DongTai. DongTai-engine analyzes the method data collected by the probe, using a taint-tracking algorithm to determine whether API requests contain vulnerabilities. It is also responsible for scheduled tasks, including expired log cleaning, probe state maintenance, and data packet replay processing.

Primary language: Python. License: Apache License 2.0 (Apache-2.0).

DongTai-engine


Chinese version

What is DongTai-Engine?

DongTai-Engine is used to process the data collected by the DongTai probe, and its functions are as follows:

  1. Analyze whether there are vulnerabilities in HTTP/HTTPS/RPC requests based on method pool data and taint tracking algorithms
  2. Handle vulnerability verification requests regularly
  3. Regularly update the vulnerabilities in the components
  4. Regularly clean up expired log data
  5. Regularly maintain the status of the probe detection engine

Deploy

Basic services: MySQL, Redis

The basic service configuration is as follows:

| Service name | IP | Port | Additional |
|---|---|---|---|
| MySQL | 127.0.0.1 | 3306 | account: dongtai; password: dongtai-iast; database name: dongtai_webapi |
| Redis | 127.0.0.1 | 6379 | password: 123456; Redis db: 0 |

Official image

  1. Pull image
$ docker pull registry.cn-beijing.aliyuncs.com/huoxian_pub/dongtai-engine:latest
  2. Create a configuration file, /etc/dongtai/config.ini, with the following content:
[mysql]
host = 127.0.0.1
port = 3306
name = dongtai_webapi
user = dongtai
password = dongtai-iast

[redis]
host = 127.0.0.1
port = 6379
password = 123456
db = 0

; The following sections are unused, keep the defaults
[engine]
url = http://engine_url


[smtp]
server = server
user = user
password = password
from_addr = from_addr
ssl = False
cc_addr = cc_addr

[aliyun_oss]
access_key = access_key
access_key_secret = access_key
  3. Start the dongtai-engine container and map the configuration file
$ docker run -d --name dongtai-engine -v /etc/dongtai/config.ini:/opt/dongtai/engine/conf/config.ini --restart=always secnium/iast-saas-engine:latest
  4. Start the dongtai-engine-task container and map the configuration file
$ docker run -d --name dongtai-engine-task -v /etc/dongtai/config.ini:/opt/dongtai/engine/conf/config.ini --restart=always secnium/iast-saas-engine:latest bash /opt/dongtai/engine/docker/entrypoint.sh

Build custom image

  1. Build image
$ docker build -t secnium/iast-saas-engine:latest .
  2. Create a configuration file, /etc/dongtai/config.ini, with the following content:
[mysql]
host = 127.0.0.1
port = 3306
name = dongtai_webapi
user = dongtai
password = dongtai-iast

[redis]
host = 127.0.0.1
port = 6379
password = 123456
db = 0

; The following sections are unused, keep the defaults
[engine]
url = http://engine_url

[smtp]
server = server
user = user
password = password
from_addr = from_addr
ssl = False
cc_addr = cc_addr

[aliyun_oss]
access_key = access_key
access_key_secret = access_key
  3. Start the dongtai-engine container and map the configuration file
$ docker run -d --name dongtai-engine -v /etc/dongtai/config.ini:/opt/dongtai/engine/conf/config.ini --restart=always secnium/iast-saas-engine:latest
  4. Start the dongtai-engine-task container and map the configuration file
$ docker run -d --name dongtai-engine-task -v /etc/dongtai/config.ini:/opt/dongtai/engine/conf/config.ini --restart=always secnium/iast-saas-engine:latest bash /opt/dongtai/engine/docker/entrypoint.sh
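
An added example, not part of the DongTai project: a Python check for the config.ini that both deployment procedures above create and mount into the containers. It flags the MySQL and Redis passwords printed in this README, a database or Redis host that is not on loopback, and a file mode that lets other local users read the secrets. The function names, finding strings and sample values are assumptions made for the example.

```python
import configparser
import os
import stat
import tempfile

# Passwords printed in this README; treat them as publicly known.
DOCUMENTED_DEFAULTS = {("mysql", "password"): "dongtai-iast",
                       ("redis", "password"): "123456"}
LOOPBACK = {"127.0.0.1", "localhost", "::1"}

# Constructed sample: README layout, MySQL moved off-host with a new password.
SAMPLE = """\
[mysql]
host = 10.0.0.5
password = constructed-unique-value
[redis]
host = 127.0.0.1
password = 123456
"""


def audit_config(path):
    """Return a list of findings for a DongTai engine config.ini."""
    findings = []
    # The file holds database and Redis secrets: only its owner should read it.
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"file mode {mode:04o} grants access beyond the owner")
    cfg = configparser.ConfigParser(interpolation=None)  # '%' is legal in passwords
    cfg.read(path, encoding="utf-8")
    for (section, key), default in DOCUMENTED_DEFAULTS.items():
        if cfg.get(section, key, fallback="") in ("", default):
            findings.append(f"[{section}] {key} is empty or the documented default")
    for section in ("mysql", "redis"):
        host = cfg.get(section, "host", fallback="")
        if host and host not in LOOPBACK:
            findings.append(f"[{section}] host {host} is not loopback")
    return findings


def audit_text(text, mode=0o644):
    """Write constructed text to a temp file with the given mode, then audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "config.ini")
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(text)
        os.chmod(path, mode)
        return audit_config(path)
```

Run `audit_config("/etc/dongtai/config.ini")` on the host before starting the containers; an empty list means none of the three conditions was found.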

Contributing

Contributions are welcomed and greatly appreciated. See CONTRIBUTING.md for details on submitting patches and the contribution workflow.

Any questions? Let's discuss in #DongTai discussions

More resources