Application Security Platform
Invicti IAST

Invicti IAST for ASP .NET Core

This document is for:
Invicti Platform

  • Invicti IAST for .NET supports .Net Core 6 and .Net Core 8 (beta)
  • IAST makes use of the IAST Bridge. The IAST sensor must be able to communicate with iast.invicti.com to transmit data to the DAST scanning engine.

Deploying Invicti IAST for ASP .NET Core websites

The Invicti IAST agent must be deployed to your web application. This section describes how to deploy Invicti IAST to an ASP.NET Core web application.

Prepare the Invicti IAST for .NET Core

  1. Download the Invicti .NET IAST sensor file for your target. For instructions, refer to Installing Invicti IAST.
  2. Create a folder that will host your Invicti IAST files. In this example, we have used a folder called C:\iastsensor.
  3. Extract the files from the downloaded dotnet-iastsensor.zip file to another destination folder.
  4. Navigate to the destination folder and open the .NET Core subfolder.
  5. Select and copy all the items inside the subfolder.

  1. Navigate to the folder you created in Step 2 above (in our example C:\iastsensor).
  2. Paste into the folder the files you copied in Step 5 above.

Deploying into a Kestrel .NET Core website

  1. Navigate to your web application root folder.

  1. Create a new sitelauncher.bat file inside your web application root folder with the following contents (replacing axexample-dotnetcore.exe with the name of the executable file for your web application):

SET SENSOR_SETTINGS_PATH=C:/iastsensor/settings.ini
SET DOTNET_STARTUP_HOOKS=C:/iastsensor/InvictiSensor.dll
axexample-dotnetcore.exe --urls http://
0.0.0.0:80

  1. From the command line, navigate to your web application root folder and launch your web application.

Deploying into a Kestrel .NET Core website on Linux

  1. Navigate to your web application root folder.
  2. Create a new sitelauncher.sh file inside your web application root folder with the following contents (replacing axexample-dotnetcore.dll with the name of the executable file for your web application):

#!/bin/bash

export DOTNET_STARTUP_HOOKS=
"/iastsensor/InvictiSensor.dll"
export SENSOR_SETTINGS_PATH=
"/iastsensor/settings.ini"

dotnet ./axexample-dotnetcore.dll --urls
"http://0.0.0.0:80"

  1. From the command line, navigate to your web application root folder and launch your web application

Deploying into an IIS .NET Core website

  1. Navigate to your web application root folder.

  1. Edit your web.config file to add environment variables for using Invicti IAST:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
 <location path=
"." inheritInChildApplications="false">
   <system.webServer>
     <handlers>
       <add name=
"aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2" resourceType="Unspecified" />
     </handlers>
     <aspNetCore processPath=
"dotnet" arguments=".\axexample-dotnetcore.dll" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" hostingModel="inprocess">
       <environmentVariables>
<environmentVariable name=
"DOTNET_STARTUP_HOOKS" value="C:/iastsensor/InvictiSensor.dll" />
         <environmentVariable name=
"SENSOR_SETTINGS_PATH" value="C:/iastsensor/settings.ini" />
       </environmentVariables>
     </aspNetCore>
   </system.webServer>
 </location>
</configuration>
<!--ProjectGuid:
16505b2e-7499-4c97-a9ff-d18e39913ad5-->

  1. Restart your web application from IIS Manager.

Share This Article