Download Invicti IAST using API

This document explains how to download the Invicti IAST sensor using API. By following the outlined in steps, you learn how to acquire the Invicti IAST file through interaction with the Platform API. Subsequently, the downloaded Invicti IAST sensor can be deployed and utilized for conducting thorough vulnerability scans.

info

Before downloading Invicti IAST, you need to:

• Confirm that the Target you intend to use the Invicti IAST Agent for is already added to Invicti Platform.
• Ensure that the Invicti IAST setting is enabled for the Target.
• Obtain the API key.
• Obtain the target_id for the specific Target.

How to download Invicti IAST sensor

Follow these steps to first retrieve the Invicti IAST sensor token for a particular target and then download the Invicti IAST sensor:

1. Replace [target_id] in the following command with the actual target_id obtained for your target.
2. Replace [API-Key] with your valid Invicti Platform API key.

curl -i -k -X GET https://127.0.0.1:3443/api/v1/targets/[target_id]/configuration -H "Accept: application/json" -H "X-Auth: [API-Key]"

After editing the command with the appropriate target_id and API key, execute it to obtain the Invicti IAST token for the specified target.

3. Locate the sensor_secret within the response and ensure that the sensor parameter displays the value of true for Invicti IAST to function correctly. Here's the relevant portion of the response:

"sensor": true,"sensor_secret": "b320d4ab51111dde036cd9061ff99767",

In the preceding snippet, the sensor parameter is set to true, indicating that Invicti IAST is enabled, and the sensor_secret contains the unique secret key associated with Invicti IAST.

4. To download the required Invicti IAST file using the sensor_secret obtained from the previous response, follow this example command:

curl -k -H "Accept: application/octet-stream" -JLO -X GET https://127.0.0.1:3443/api/v1/targets/sensors/net3/[sensor_secret]

In this case, the parameter net3 is used to download the Invicti .NET IAST sensor. Replace [sensor_secret] with the actual sensor_secret value obtained from the previous response. This command downloads the Invicti .NET IAST sensor file associated with the specified sensor_secret.

tip

The Invicti IAST parameter_types are defined in the API documentation. The parameter types are:

• php
• java3
• node
• net3

To use any specific sensor you need, just substitute ‘net3’ with your desired sensor in the request.

5. Using the provided command initiates the download of Invicti IAST to the current directory where the command is executed (in this case, the cmd location), and saves it with the appropriate filename.

For instance, if your cmd location is C:\, the Invicti IAST sensor is downloaded to that file location. If you're specifically downloading the Invicti .NET IAST sensor, the downloaded file is named dotnet-iastsensor.zip.

---

Need help?

Invicti Support team is ready to provide you with technical help. Go to Help Center