Skip to content

A prototype of an Interactive Application Security Testing System

License

Notifications You must be signed in to change notification settings

daubli/iast-vms

Repository files navigation

IAST-VMS

IAST-VMS (IAST-Vulnerability Manamgement System) is a security testing application, that help to find vulnerability during the end-to-end testing phase of web applications. Therefore a specific agent can be downloaded in the application that can be attached to the JVM of the application under test. The agents analyses the traffic that is generated by automatic or manual testers and reports incidents to VMS. The application manges the vulnerabilities and has a gate mechanism that can be used to break build pipelines due to a specified quality specification.

How to deploy

First of all you need to deploy the database management system with an appropriate database. You can use the docker-compose-File in the root directory to deploy the database (and you need a working docker environment). To bring the database up change the working directory of your console to the path of this project and call: docker-compose up -d db

To deploy the backend just call ./gradlew bootRun in the root project directory. If the backend is started, switch to the frontend directory.

You may need to install some dependencies before the frontend can be deployed. An important precondition is, that you have a working installation of node.js and npm in place.

It is necessary to install vue-cli on your machine: npm install -g @vue/cli To install the project dependencies run: npm install in the context of the frontend directory.

To run the frontend type: npm run serve into your console and wait till the console tells you that the frontend is deployed. You can now access the application: http://localhost:7080