You must first install the Adversa SDK Tools to begin.
Run the terminal script below and follow the on-screen instructions.
The following will guide you through the process of carrying out your first security assessment using Adversa SDK Tools. Before you begin, please make sure you've installed Adversa SDK Tools and have completed any requested on-screen instructions.
Adversa SDK Tools supports both evaluation and commercial variants of licensing. The evaluation license does not expire but will only test for SQL Injection, Cross-Site Scripting and XML External Entities. Default installations of Adversa SDK Tools will be limited to an evaluation license.
A commercial license will provide access to the full suite of security tests as described in the knowledgebase as well as the ability to break builds within CI/CD pipeline(s). You may purchase a commercial license online.
The assess command will allow you to passively monitor your application for security vulnerabilities using the SDK specified by the --sdk argument. This command need only be prefixed to the command you currently use to run your application. The format of the command is as follows:
$ adversa assess --sdk [name] -- [command]
Tools will fork and exec your command with all of the runtime configurations necessary to passively monitor application behaviors for security vulnerabilities using the SDK denoted by name. As you interact with your application, either manually or via automated scripts, behaviors indicative of vulnerabilities will be printed to stdout for your review.
Visit the knowledgebase to learn more about the security tests performed.
Thank you for taking the time to install Adversa SDK Tools. If you wish to better understand the many capabilities exposed by Adversa SDK Tools or if you encountered trouble during installation, please check out our documentation for support. This will provide guidance on numerous topics, which includes the following: