Support
Shark for PHP

Deploying Invicti Shark for PHP – Docker

This document is for:
Invicti Enterprise On-Demand

Invicti Shark enables you to carry out interactive security testing (IAST) in your web application in order to confirm more vulnerabilities and further minimize false positives.  

For Invicti Shark to operate, you need to download an agent and deploy it on your server. Please note that this agent is generated uniquely for each target website for security reasons. 

The most principled way of deploying Invicti Shark in a Docker scenario is to simply layer the Invicti Shark modifications onto your already existing container definition. 

This simple example will demonstrate how you can deploy Invicti Shark together with your web application. There are 4 steps to do this.

Step 1. Create your target in Invicti Enterprise

For this example, we will assume that the URL for your target is http://sharkexample.com:60000.

Go to Invicti Enterprise and create a new target with your URL. From New Scan, select this URL for the scan, then enable Invicti Shark. Download the Shark agent file shark.php, and save this file for use later on.

Step 2. Define the web application image

  1. This simple web application will be defined through the following file structure:
/testphp-docker/
/testphp-docker/Dockerfile
/testphp-docker/websrc/
/testphp-docker/websrc/index.php
/testphp-docker/websrc/test.php
  1. Create your /testphp-docker/Dockerfile file to read as follows:
FROM php:7.3.28-apache

#setup the web pages
COPY --chown=www-data:www-data websrc/ /var/www/html
  1. Create your /testphp-docker/websrc/index.php file to read as follows:
<?php
    echo "<h1>Test PHP Site Example for Docker Deployment</h1>";
    echo "<br>";
    echo "Welcome to the main page.";
    echo "<br>";
    echo "<a href='test.php'>Go to the test page.</a>";
?>
  1. Create your /testphp-docker/websrc/test.php file to read as follows:
<?php
    echo "<h1>Test PHP Site Example for Docker Deployment</h1>";
    echo "<br>";
    echo "Welcome to the test page.";
    echo "<br>";
?>
  1. Build the image with:
cd /testphp-docker
docker build -t testphp-docker .

Step 3. Define the Shark layer image

  1. The Shark layer will be defined through the following file structure:
/testphp-docker-shark/
/testphp-docker-shark/Dockerfile
/testphp-docker-shark/shark.php
  1. Copy the shark.php file you created in the first step to your docker host into the /testphp-docker-shark directory.
  2. Create your /testphp-docker-shark/Dockerfile file to read as follows:
FROM testphp-docker

# assumes the web application is in /var/www/html

# setup Invicti Shark
RUN mkdir /shark
WORKDIR /shark
COPY shark.php .

# add .htaccess file for Invicti Shark
RUN printf "\nphp_value auto_prepend_file /shark/shark.php\n" > /var/www/html/.htaccess \
  && chown www-data:www-data /var/www/html/.htaccess
  1. Build and run your image with:
cd /testphp-docker-shark
docker build -t testphp-docker-shark .
docker run -d -p 60000:80 --name mytestphp testphp-docker-shark

Step 4. Test and scan your web application

Point your browser to your web application. In this example, http://sharkexample.com:6000 to confirm it is running as intended.

Invicti Help Center

Our Support team is ready to provide you with technical help.

Go to Help Center This will redirect you to the ticketing system.