OFFENSIVE360 SAST Eclipse Plugin
Plugin Requirements
- Install a compatible Eclipse IDE
- Java 17.0.* is required
Plugin Installation
- Goto Help->Eclipse MarketPlace to enter plugin marketplace.
- Search for "O360 SAST" and install the plugin.
- If no plugin found in marketplace follow manual installation steps
Plugin Manual Installation
- Goto Help->Install New Software to enter plugin installation page
- Now copy below link and paste it to the field
- Plugin Update Site link https://github.com/offensive360/EclipsePlugin/raw/main
- Now you will be able to see O360 SAST feature click on it and install
- Uncheck check for updates checkbox before installing
- you can download this repo
- After downloading follow above manual installation steps
- Now instead of link click on Add > Local > Browse Update site file downloaded Zip file
Update site zip file installation
Server Configuration
In offensive360 bottom tool bar click on settings Icon or CTRL+ALT+D which will ask you server details.- SERVER_URL : Host Address of the offensive360 api which will be provided by admin.
- AUTH_TOKEN : Authentication Token provided by admin.
- Invalid details will not allow a scan to run
Running A Scan
Now click on Scan Icon or CTRL+ALT+S which run scan on project source code and shows results.Right Click on File Popup Menu to run scan from there.
Features
Right click on any vulnerability to get menu where you can1.Go To Code Double click on vulenrability to navigate to vulnerability
2.Suppress False positive Vulnerabilities
3.Get Help with references for the vulnerability
4.Clear All vulnerabilities upon confirmation.
Let's find the vulnerabilities in one scan