Invicti Shark enables you to carry out interactive security testing (IAST) in your web application in order to confirm more vulnerabilities and further minimize false positives. For Invicti Shark to operate, you need to download an agent and deploy it on your server. Please note that this agent is generated uniquely for each target website for security reasons.
This topic explains how to download and install Invicti Shark to a Java web application for different configurations.
Invicti Shark for Java requires Tomcat (7+) and Java (1.7+). Current testing is with Tomcat 9 and Java 1.8.
There are many possible configurations for a JAVA web server. The following sections look at the more common web server configuration possibilities.
Use one of the following links for more details on how to deploy Invicti Shark for Java on your web application.
- Deploying Invicti Shark for Java – Windows
- Deploying Invicti Shark for Java – Ubuntu Linux
- Deploying Invicti Shark for Java – Centos & RHEL
- Deploying Invicti Shark for Java – Docker Generic
- Deploying Invicti Shark for Java – Docker Spring Boot
- Deploying Invicti Shark for Java – Docker & WAR file
- Scanning an application in AWS Elastic Beanstalk using Invicti Shark for Java