Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.

xAST评价体系，让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".

simpleIAST- 基于污点追踪的灰盒漏洞扫描工具。

Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading

Dongtai-plugin-idea is an IDEA plug-in developed by DongTai team for Java Web application developers. This plug-in provides functions such as vulnerability detection and code audit during application development, enabling developers to find application vulnerabilities more intuitively, quickly and in real time during application development.

A prototype of an Interactive Application Security Testing System

Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.

A modern approach to Burp's Infiltrator (or IAST, in general) with a pinch of Frida

A demonstration project for Java Runtime Application Self-Protection (RASP), showcasing core RASP principles and implementations. Perfect for exploring Java security solutions and understanding how RASP protects applications from inside.

Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.