Installing Invicti Shark for Java websites

Before deploying Invicti Shark, note the list of supported servers and frameworks.

The Invicti Shark agent will need to be installed in your web application. The following section describes how to deploy Invicti Shark to a Java web application.

How to install the Java Invicti Shark agent

To install the Java Invicti Shark agent, you need to:

1. Download the Java Invicti Shark agent (Shark (IAST and SCA).jar) from the Invicti UI. The Java Invicti Shark download file includes the Invicti Shark Token, which, by default, is unique for each target website URL. Unless the Token has been changed to be the same for all target websites, you will need to download the Java Invicti Shark agent for each target website separately.

2. Save the downloaded Java Shark agent to a location on your web server.

3. Deploy the Java Shark agent into your web server. This process differs depending on the web server. There are many possible configurations for a Java web server. The guides linked below look at the more common web server configuration possibilities. Use one of the following links for more information on how to deploy Invicti Shark for Java on your web application:

• Deploying Invicti Shark for Java – Tomcat (Windows/Linux/Docker)
• Deploying Invicti Shark for Java – Docker (Spring Boot)
• Deploying Invicti Shark for Java - Windows/Linux (JBOSS 7.4 Standalone + WAR File)
• Deploying Invicti Shark for Java - Windows/Linux (Jetty 10.0.10 + WAR File)
• Deploying Invicti Shark for Java – Windows/Linux (Wildfly 26.1.1 Final Standalone + WAR File)
• Deploying Invicti Shark for Java – Linux (WebSphere Liberty 19.0.0.9+ with WAR File)
• Scanning an application in AWS Elastic Beanstalk (Tomcat + WAR File)