A test harness for a new IAST SDK library.
- Open
start.sh
and set theNODE_PATH
to the folder where your IAST Agent is located. - If you're not running on MacOS, change the IAST Agent name.
- Run
./start.sh
.
You should see index.js
called with the IAST Agent attached. Once bootstrapped, you'll see the number '1' output in the console. The script will then complete and the process will shut down.
I'd like to see LveTrack hook the function iast-sdk.taintObject()
so that when the eval()
statement is executed, an annotation is generated. We could use this mechanism for tainting mock objects created in unit tests that would potentially be tained in the real application.