From e1f3a4c9163d20b3db99304e862b0620b42e9821 Mon Sep 17 00:00:00 2001 From: Jarcis-cy Date: Thu, 27 Jun 2024 18:17:29 +0800 Subject: [PATCH] =?UTF-8?q?[update]=E6=9B=B4=E6=96=B0=E8=8B=B1=E6=96=87rea?= =?UTF-8?q?dme?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 208 +++++++++++++++++++++++------------------------ README_EN.md | 223 ++++++++++++++++++++++++++++----------------------- 2 files changed, 227 insertions(+), 204 deletions(-) diff --git a/README.md b/README.md index 1c12ca754..45d2f1159 100644 --- a/README.md +++ b/README.md @@ -8,203 +8,203 @@

-

A Powerful Security Assessment Tool

+

一款功能强大的安全评估工具

- 🏠 Documentation • - ⬇️ Download xray • - ⬇️ Download xpoc • - ⬇️ Download xapp • - 📖 Plugin Repository + 🏠使用文档 • + ⬇️xray下载 • + ⬇️xpoc下载 • + ⬇️xapp下载 • + 📖插件存储库

-[**中文版**](./README.md) +[**English Version**](./README_EN.md) ## ✨ Demo -> Note: xray is not open source, just download the built binary files directly. The repository mainly contains community-contributed POCs. Each xray release will automatically package them. +> 注意:xray 不开源,直接下载构建的二进制文件即可,仓库内主要为社区贡献的 poc,每次 xray 发布将自动打包。 -## xray 2.0 +## xray2.0 -To address the issue of xray 1.0 becoming complex and bloated with added features, we have launched xray 2.0. +为了解决 xray 1.0在功能增加过程中变得复杂且臃肿的问题,我们推出了 xray 2.0。 -This new version aims to enhance the smoothness of functionality, lower the usage threshold, and help more security industry practitioners achieve a better experience more efficiently. xray 2.0 will integrate a series of new security tools to form a comprehensive security toolset. +这一全新版本致力于提升功能使用的流畅度,降低使用门槛,并帮助更多安全行业从业者以更高效的模式收获更好的体验。xray 2.0 将整合一系列新的安全工具,形成一个全面的安全工具集。 -**The second tool in the xray 2.0 series, xapp, is now online, welcome to try it!** +**xray2.0系列的第二款工具xapp已经上线,欢迎体验!** ### XPOC -xpoc is the first tool in the xray 2.0 series, designed as a rapid emergency response tool for supply chain vulnerability scanning. +xpoc是xray2.0系列的第一款工具,它是一款为供应链漏洞扫描设计的快速应急响应工具 -Project address: https://github.com/chaitin/xpoc +项目地址:https://github.com/chaitin/xpoc ### XAPP -xapp is a tool focused on web fingerprint identification. You can use xapp to identify the technologies used by web targets and prepare for security testing. +xapp是一款专注于web指纹识别的工具。你可以使用xapp对web目标所使用的技术进行识别,为安全测试做好准备。 -Project address: https://github.com/chaitin/xapp +项目地址:https://github.com/chaitin/xapp -### Plugin Repository +### 插件存储库 -We have created a dedicated repository for various plugins, aimed at facilitating the sharing and use of different plugins. +我们为各类插件创建了一个专门的存储库,旨在方便大家共享和使用各种插件。 -It mainly collects open-source scripts converted into xray format for everyone to use. +这里主要收录的是开源的、转化成 xray格式的脚本,以供大家使用。 -We will periodically push some new plugins here and hope everyone will actively optimize or submit plugins to enrich this repository together. +我们会不定期地往这里推送一些新的插件,同时也希望大家能积极踊跃的优化或者提交插件,共同丰富这个仓库。 -Project address: https://github.com/chaitin/xray-plugins +项目地址:https://github.com/chaitin/xray-plugins -## 🚀 Quick Usage +## 🚀 快速使用 -**Before using, be sure to read and agree to the terms in the [License](https://github.com/chaitin/xray/blob/master/LICENSE.md) file. If not, please do not install or use this tool.** +**在使用之前,请务必阅读并同意 [License](https://github.com/chaitin/xray/blob/master/LICENSE.md) 文件中的条款,否则请勿安装使用本工具。** -1. Use the basic crawler to scan the links crawled by the crawler for vulnerabilities +1. 使用基础爬虫爬取并对爬虫爬取的链接进行漏洞扫描 ```bash xray webscan --basic-crawler http://example.com --html-output vuln.html ``` -1. Use HTTP proxy for passive scanning +1. 使用 HTTP 代理进行被动扫描 ```bash xray webscan --listen 127.0.0.1:7777 --html-output proxy.html ``` - Set the browser's HTTP proxy to `http://127.0.0.1:7777`, then you can automatically analyze proxy traffic and scan it. + 设置浏览器 http 代理为 `http://127.0.0.1:7777`,就可以自动分析代理流量并扫描。 - > To scan HTTPS traffic, please read the "Capture HTTPS Traffic" section below. + >如需扫描 https 流量,请阅读下方文档 `抓取 https 流量` 部分 -1. Scan a single URL without using a crawler +1. 只扫描单个 url,不使用爬虫 ```bash xray webscan --url http://example.com/?a=b --html-output single-url.html ``` -1. Manually specify plugins for this run +1. 手动指定本次运行的插件 - By default, all built-in plugins will be enabled. You can specify the plugins to be enabled for this scan with the following commands. + 默认情况下,将会启用所有内置插件,可以使用下列命令指定本次扫描启用的插件。 ```bash xray webscan --plugins cmd-injection,sqldet --url http://example.com xray webscan --plugins cmd-injection,sqldet --listen 127.0.0.1:7777 ``` + +1. 指定插件输出 -1. Specify Plugin Output - - You can specify to output the vulnerability information of this scan to a file: - + 可以指定将本次扫描的漏洞信息输出到某个文件中: + ```bash xray webscan --url http://example.com/?a=b \ --text-output result.txt --json-output result.json --html-output report.html ``` + + [报告样例](https://docs.xray.cool/assets/report_example.html) - [Sample Report](https://docs.xray.cool/assets/report_example.html) - -For other usage, please read the documentation: https://docs.xray.cool - -## 🪟 Detection Modules +其他用法请阅读文档: https://docs.xray.cool -New detection modules will be continuously added. +## 🪟 检测模块 -| Name | Key | Version | Description | -|------------------|------------------|----------|--------------------------------------------------------------------------------------| -| XSS Detection | `xss` | Community | Detects XSS vulnerabilities using semantic analysis | -| SQL Injection Detection | `sqldet` | Community | Supports error-based injection, boolean-based injection, and time-based blind injection | -| Command/Code Injection Detection | `cmd-injection` | Community | Supports shell command injection, PHP code execution, template injection, etc. | -| Directory Enumeration | `dirscan` | Community | Detects over 10 types of sensitive paths and files such as backup files, temporary files, debug pages, and configuration files | -| Path Traversal Detection | `path-traversal` | Community | Supports common platforms and encodings | -| XML External Entity (XXE) Detection | `xxe` | Community | Supports detection with echo and back-connect platform | -| POC Management | `phantasm` | Community | Comes with some common POCs by default; users can build and run POCs as needed. Documentation: [POC](https://docs.xray.cool/#/guide/poc) | -| File Upload Detection | `upload` | Community | Supports common backend languages | -| Weak Password Detection | `brute-force` | Community | Community edition supports HTTP basic authentication and simple form weak password detection, with built-in common username and password dictionary | -| JSONP Detection | `jsonp` | Community | Detects JSONP interfaces containing sensitive information that can be read across domains | -| SSRF Detection | `ssrf` | Community | SSRF detection module, supports common bypass techniques and back-connect platform detection | -| Baseline Check | `baseline` | Community | Detects low SSL versions, missing or incorrectly added HTTP headers | -| Arbitrary Redirect Detection | `redirect` | Community | Supports HTML meta redirects, 30x redirects, etc. | -| CRLF Injection | `crlf-injection` | Community | Detects HTTP header injection, supports parameters in query, body, etc. | -| XStream Vulnerability Detection | `xstream` | Community | Detects XStream series vulnerabilities | -| Struts2 Vulnerability Detection | `struts` | Advanced | Detects Struts2 series vulnerabilities, including common ones like s2-016, s2-032, s2-045, s2-059, s2-061, etc. | -| ThinkPHP Vulnerability Detection | `thinkphp` | Advanced | Detects related vulnerabilities in websites developed with ThinkPHP | -| Shiro Deserialization Vulnerability Detection | `shiro` | Advanced | Detects Shiro deserialization vulnerabilities | -| Fastjson Vulnerability Detection | `fastjson` | Advanced | Detects Fastjson series vulnerabilities | +新的检测模块将不断添加 +| 名称 | Key | 版本 | 说明 | +|----------------|------------------|-----|---------------------------------------------------------------------------------| +| XSS漏洞检测 | `xss` | 社区版 | 利用语义分析的方式检测XSS漏洞 | +| SQL 注入检测 | `sqldet` | 社区版 | 支持报错注入、布尔注入和时间盲注等 | +| 命令/代码注入检测 | `cmd-injection` | 社区版 | 支持 shell 命令注入、PHP 代码执行、模板注入等 | +| 目录枚举 | `dirscan` | 社区版 | 检测备份文件、临时文件、debug 页面、配置文件等10余类敏感路径和文件 | +| 路径穿越检测 | `path-traversal` | 社区版 | 支持常见平台和编码 | +| XML 实体注入检测 | `xxe` | 社区版 | 支持有回显和反连平台检测 | +| poc 管理 | `phantasm` | 社区版 | 默认内置部分常用的 poc,用户可以根据需要自行构建 poc 并运行。文档:[POC](https://docs.xray.cool/#/guide/poc) | +| 文件上传检测 | `upload` | 社区版 | 支持常见的后端语言 | +| 弱口令检测 | `brute-force` | 社区版 | 社区版支持检测 HTTP 基础认证和简易表单弱口令,内置常见用户名和密码字典 | +| jsonp 检测 | `jsonp` | 社区版 | 检测包含敏感信息可以被跨域读取的 jsonp 接口 | +| ssrf 检测 | `ssrf` | 社区版 | ssrf 检测模块,支持常见的绕过技术和反连平台检测 | +| 基线检查 | `baseline` | 社区版 | 检测低 SSL 版本、缺失的或错误添加的 http 头等 | +| 任意跳转检测 | `redirect` | 社区版 | 支持 HTML meta 跳转、30x 跳转等 | +| CRLF 注入 | `crlf-injection` | 社区版 | 检测 HTTP 头注入,支持 query、body 等位置的参数 | +| XStream漏洞检测 | `xstream` | 社区版 | 检测XStream系列漏洞 | +| Struts2 系列漏洞检测 | `struts` | 高级版 | 检测目标网站是否存在Struts2系列漏洞,包括s2-016、s2-032、s2-045、s2-059、s2-061等常见漏洞 | +| Thinkphp系列漏洞检测 | `thinkphp` | 高级版 | 检测ThinkPHP开发的网站的相关漏洞 | +| shiro反序列化漏洞检测 | `shiro` | 高级版 | 检测Shiro反序列化漏洞 | +| fastjson系列检测 | `fastjson` | 高级版 | 检测fastjson系列漏洞 | -## ⚡️ Advanced Usage -For the following advanced usage, please see https://docs.xray.cool/. +## ⚡️ 进阶使用 -- Modify configuration file -- Capture HTTPS traffic -- Modify HTTP request configuration -- Use of the back-connect platform -- ... +下列高级用法请查看 https://docs.xray.cool/ 使用。 -## 😘 Contribute POCs + - 修改配置文件 + - 抓取 https 流量 + - 修改 http 发包配置 + - 反连平台的使用 + - ... -The progress of xray cannot be achieved without the support of many contributors. In the spirit of mutual assistance and co-construction, to help us all progress together, xray has also opened a channel for "POC inclusion"! Here you will get: +## 😘 贡献 POC -### Submission Process +xray的进步离不开各位师傅的支持,秉持着互助共建的精神,为了让我们共同进步,xray也开通了“PoC收录”的渠道!在这里你将会得到: -1. Contributors submit to the GitHub xray community repository via PR. POC submission location: https://github.com/chaitin/xray/tree/master/pocs, fingerprint script submission location: https://github.com/chaitin/xray/tree/master/fingerprints -2. Fill in the POC information according to the Pull Request template in the PR. -3. Internal review of the PR to determine whether to merge into the repository. -4. Note: To receive POC rewards, you need to submit your POC to the CT stack to receive the rewards. +### 提交流程 -### Generous Rewards +1. 贡献者以 PR 的方式向 github xray 社区仓库内提交, POC 提交位置: https://github.com/chaitin/xray/tree/master/pocs, 指纹识别脚本提交位置: https://github.com/chaitin/xray/tree/master/fingerprints +2. PR 中根据 Pull Request 的模板填写 POC 信息 +3. 内部审核 PR,确定是否合并入仓库 +4. 但需要注意,如果想要获得POC的奖励,需要将你的POC提交到CT stack,才能获取到奖励 -- Contribute POCs to receive **generous gold rewards** with a sense of accomplishment; -- **Rich gift** redemption area, with over 50 kinds of peripheral gifts to choose from; -- Regularly launch JD card redemption, getting **closer to financial freedom**; -- Opportunity to enter the core community, receive special tasks, and earn **high bounties**; +### 丰厚的奖励 -### Comprehensive Tutorials +- 贡献PoC将获得**丰厚的金币奖励**,成就感满满; +- **丰富的礼品**兑换专区,50余种周边礼品任你挑选; +- 定期更有京东卡上线兑换,离**财富自由**又近了一步; +- 进入核心社群的机会,领取特殊任务,赚取**高额赏金**; -- Comprehensive **POC writing tutorials and guidance** to help you get started quickly and avoid pitfalls; +### 完善的教程 -### Learning and Communication +- 完善的**PoC编写教程和指导**,让你快速上手,少走弯路; -- **Face-to-face learning and communication opportunities** with contributors and developers, improving comprehensive skills; -- **Direct interview opportunities** without written tests, making good jobs not just a dream; +### 学习与交流 -If you have successfully contributed a POC but have not yet +- **与贡献者、开发者面对面**学习交流的机会,各项能力综合提高; +- 免笔试的**直通面试机会**,好工作不是梦; -joined the group, please add the customer service WeChat: +如果你已经成功贡献过PoC但是还没有进群,请添加客服微信: -Provide the platform registration ID for verification. Once verified, you can join the group! +提供平台注册id进行验证,验证通过后即可进群! -Refer to: https://docs.xray.cool/#/guide/contribute +参照: https://docs.xray.cool/#/guide/contribute -## 🔧 Surrounding Ecosystem +## 🔧周边生态 -### POC Writing Assistant Tools +### POC编写辅助工具 -This tool can assist in generating POCs, and the online version supports **POC duplication checks**, while the local version supports direct packet verification. +该工具可以辅助生成POC,且在线版支持**poc查重**,本地版支持直接发包验证 -#### Online Version -- [**Rule Laboratory**](https://poc.xray.cool) -- The online version supports **POC duplication checks**. -#### Local Version +#### 在线版 +- [**规则实验室**](https://poc.xray.cool) +- 在线版支持对**poc查重** +#### 本地版 - [**gamma-gui**](https://github.com/zeoxisca/gamma-gui) -### xray GUI Assistant Tools +### xray gui辅助工具 -This tool is just a simple command line wrapper, not a direct method call. In the xray plan, there will be a truly complete GUI version of XrayPro in the future, so stay tuned. +本工具仅是简单的命令行包装,并不是直接调用方法。在 xray 的规划中,未来会有一款真正的完善的 GUI 版 XrayPro 工具,敬请期待。 - [**super-xray**](https://github.com/4ra1n/super-xray) -## 📝 Discussion Area +## 📝 讨论区 -Before submitting false positives, missed reports, or requests, please be sure to read https://docs.xray.cool/#/guide/feedback. +提交误报漏报需求等等请务必先阅读 https://docs.xray.cool/#/guide/feedback -If you have any questions, you can submit an issue on GitHub or join the discussion groups below. +如有问题可以在 GitHub 提 issue, 也可在下方的讨论组里 1. GitHub issue: https://github.com/chaitin/xray/issues -2. WeChat Official Account: Scan the QR code below to follow us +2. 微信公众号:微信扫描以下二维码,关注我们 -3. WeChat Group: Add the WeChat official account, click "Contact Us" -> "Join Group", and then scan the QR code to join the group. +3. 微信群: 请添加微信公众号并点击"联系我们" -> "加群",然后扫描二维码加群 + +4. QQ 群: 717365081 + -4. QQ Group: 717365081 \ No newline at end of file diff --git a/README_EN.md b/README_EN.md index 496ca870b..a1574a224 100644 --- a/README_EN.md +++ b/README_EN.md @@ -1,72 +1,96 @@

Welcome to xray 👋

-

+

- + Documentation

-[**中文版本**](./README.md) +

A Powerful Security Assessment Tool

-> A powerful security assessment tool +

+ 🏠 Documentation • + ⬇️ Download xray • + ⬇️ Download xpoc • + ⬇️ Download xapp • + 📖 Plugin Repository +

+ +[**中文版**](./README.md) ## ✨ Demo -![](https://docs.xray.cool/assets/term.svg) +> Note: xray is not open source, just download the built binary files directly. The repository mainly contains community-contributed POCs. Each xray release will automatically package them. + +## xray 2.0 + +To address the issue of xray 1.0 becoming complex and bloated with added features, we have launched xray 2.0. + +This new version aims to enhance the smoothness of functionality, lower the usage threshold, and help more security industry practitioners achieve a better experience more efficiently. xray 2.0 will integrate a series of new security tools to form a comprehensive security toolset. + +**The second tool in the xray 2.0 series, xapp, is now online, welcome to try it!** -🏠[Document](https://docs.xray.cool) ⬇️[Download](https://github.com/chaitin/xray/releases) +### XPOC -> Note: xray is not open source, you can download the built binaries directly, and the poc in the repository, which is mainly contributed by the community, will be packaged automatically for each xray release. +xpoc is the first tool in the xray 2.0 series, designed as a rapid emergency response tool for supply chain vulnerability scanning. -## xray2.0 +Project address: https://github.com/chaitin/xpoc -To address the complexity and bloat of xray 1.0 as features were added, we are introducing xray 2.0. +### XAPP -This new version is dedicated to improving the fluidity of feature usage, lowering the barrier to use, and helping more security industry practitioners to reap a better experience in a more efficient mode. xray 2.0 will integrate a series of new security tools to form a comprehensive security toolset. +xapp is a tool focused on web fingerprint identification. You can use xapp to identify the technologies used by web targets and prepare for security testing. -**xray 2.0 series of the first tool xpoc has been launched, welcome to experience!** +Project address: https://github.com/chaitin/xapp -- [**xpoc**](https://github.com/chaitin/xpoc) +### Plugin Repository -## 🚀 Quick use +We have created a dedicated repository for various plugins, aimed at facilitating the sharing and use of different plugins. -**Before using the tool, read and agree to the terms especially the disclaimer in the [License](https://github.com/chaitin/xray/blob/master/LICENSE.md). Otherwise, do not install or use the tool.** +It mainly collects open-source scripts converted into xray format for everyone to use. -1. Use the base basic web crawler scan to scrape and perform vulnerability scanning on the scraped links +We will periodically push some new plugins here and hope everyone will actively optimize or submit plugins to enrich this repository together. + +Project address: https://github.com/chaitin/xray-plugins + +## 🚀 Quick Usage + +**Before using, be sure to read and agree to the terms in the [License](https://github.com/chaitin/xray/blob/master/LICENSE.md) file. If not, please do not install or use this tool.** + +1. Use the basic crawler to scan the links crawled by the crawler for vulnerabilities ```bash xray webscan --basic-crawler http://example.com --html-output vuln.html ``` -2. Use an HTTP proxy for passive scanning +1. Use HTTP proxy for passive scanning ```bash xray webscan --listen 127.0.0.1:7777 --html-output proxy.html ``` - Set the browser http proxy to `http://127.0.0.1:7777` to analyze proxy traffic and scan automatically. + Set the browser's HTTP proxy to `http://127.0.0.1:7777`, then you can automatically analyze proxy traffic and scan it. - >To scan https traffic, read the `Crawling https Traffic` section below + > To scan HTTPS traffic, please read the "Capture HTTPS Traffic" section below. -3. Only a single url is scanned, without crawlers +1. Scan a single URL without using a crawler ```bash xray webscan --url http://example.com/?a=b --html-output single-url.html ``` -4. Manually configure the plugins to run this time +1. Manually specify plugins for this run - By default, all built-in plugins are enabled. You can specify which plugins are enabled for this scan using the following command. + By default, all built-in plugins will be enabled. You can specify the plugins to be enabled for this scan with the following commands. ```bash xray webscan --plugins cmd-injection,sqldet --url http://example.com xray webscan --plugins cmd-injection,sqldet --listen 127.0.0.1:7777 ``` -5. Specifying plugin output +1. Specify Plugin Output - You can choose targeted vulnerability and their details of this scan and export a report: + You can specify to output the vulnerability information of this scan to a file: ```bash xray webscan --url http://example.com/?a=b \ @@ -75,113 +99,112 @@ This new version is dedicated to improving the fluidity of feature usage, loweri [Sample Report](https://docs.xray.cool/assets/report_example.html) -For other uses, read the documentation: https://docs.xray.cool - - -## 🪟 Detection module - -New detection modules will be added continuously - -| 名称 | Key | 版本 | 说明 | -|-----------------------------------------------|------------------|-------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| XSS vulnerability detection | `xss` | Community Edition | Semantic analysis is used to detect XSS vulnerabilities | -| SQL Injection Detection | `sqldet` | Community Edition | It supports error injection, Boolean injection, time blind injection, etc | -| Command/Code injection detection | `cmd-injection` | Community Edition | It supports shell command injection, PHP code execution, template injection, etc | -| dirscan | `dirscan` | Community Edition | Detects more than 10 sensitive paths and files, including backup files, temporary files, debug pages, and configuration files | -| Path traversal detection | `path-traversal` | Community Edition | Support for common platforms and encodings | -| XML Entity Injection Detection | `xxe` | Community Edition | Support for echo and reverse platform detection | -| POC management | `phantasm` | Community Edition | Some commonly used POCs are built in by default. Users can build and run POCs based on their needs. Document: [POC](https://docs.xray.cool/#/guide/poc) | -| File upload detection | `upload` | Community Edition | Support for common back-end languages | -| Weak password detection | `brute-force` | Community Edition | The Community Edition supports the detection of HTTP basic authentication and weak passwords for simple forms, with a built-in dictionary of common user names and passwords | -| jsonp detection | `jsonp` | Community Edition | Detects jsonp interfaces that contain sensitive information that can be read across domains | -| ssrf detection | `ssrf` | Community Edition | ssrf detection module supports common bypass technology and reverse platform detection | -| Baseline detection | `baseline` | Community Edition | Detects low SSL versions, missing or incorrectly added http, and so on | -| Redirection detection | `redirect` | Community Edition | Support HTML meta jump, 30x jump, etc | -| CRLF injection | `crlf-injection` | Community Edition | Detects HTTP header injection and supports parameters for query, body, etc | -| XStream vulnerability detection | `xstream` | Community Edition | Detect XStream series vulnerabilities | -| Struts2 series vulnerability detection | `struts` | Advanced Edition | Detect whether the target website has Struts2 series vulnerabilities, including s2-016, s2-032, s2-045 and other common vulnerabilities | -| Thinkphp series vulnerability detection | `thinkphp` | Advanced Edition | Detect vulnerabilities in ThinkPHP websites | -| Shiro deserialization vulnerability detection | `shiro` | Advanced Edition | Detect Shiro deserialization vulnerability | -| Fastjson series detection | `fastjson` | Advanced Edition | Detect fastjson series vulnerabilities | - - -## ⚡️ Advanced use - -See https://docs.xray.cool/ for the following advanced uses. - -- Modifying the configuration file -- Scraping https traffic -- Modifying the http packet sending configuration -- Employing reverse platforms +For other usage, please read the documentation: https://docs.xray.cool + +## 🪟 Detection Modules + +New detection modules will be continuously added. + +| Name | Key | Version | Description | +|------------------|------------------|----------|--------------------------------------------------------------------------------------| +| XSS Detection | `xss` | Community | Detects XSS vulnerabilities using semantic analysis | +| SQL Injection Detection | `sqldet` | Community | Supports error-based injection, boolean-based injection, and time-based blind injection | +| Command/Code Injection Detection | `cmd-injection` | Community | Supports shell command injection, PHP code execution, template injection, etc. | +| Directory Enumeration | `dirscan` | Community | Detects over 10 types of sensitive paths and files such as backup files, temporary files, debug pages, and configuration files | +| Path Traversal Detection | `path-traversal` | Community | Supports common platforms and encodings | +| XML External Entity (XXE) Detection | `xxe` | Community | Supports detection with echo and back-connect platform | +| POC Management | `phantasm` | Community | Comes with some common POCs by default; users can build and run POCs as needed. Documentation: [POC](https://docs.xray.cool/#/guide/poc) | +| File Upload Detection | `upload` | Community | Supports common backend languages | +| Weak Password Detection | `brute-force` | Community | Community edition supports HTTP basic authentication and simple form weak password detection, with built-in common username and password dictionary | +| JSONP Detection | `jsonp` | Community | Detects JSONP interfaces containing sensitive information that can be read across domains | +| SSRF Detection | `ssrf` | Community | SSRF detection module, supports common bypass techniques and back-connect platform detection | +| Baseline Check | `baseline` | Community | Detects low SSL versions, missing or incorrectly added HTTP headers | +| Arbitrary Redirect Detection | `redirect` | Community | Supports HTML meta redirects, 30x redirects, etc. | +| CRLF Injection | `crlf-injection` | Community | Detects HTTP header injection, supports parameters in query, body, etc. | +| XStream Vulnerability Detection | `xstream` | Community | Detects XStream series vulnerabilities | +| Struts2 Vulnerability Detection | `struts` | Advanced | Detects Struts2 series vulnerabilities, including common ones like s2-016, s2-032, s2-045, s2-059, s2-061, etc. | +| ThinkPHP Vulnerability Detection | `thinkphp` | Advanced | Detects related vulnerabilities in websites developed with ThinkPHP | +| Shiro Deserialization Vulnerability Detection | `shiro` | Advanced | Detects Shiro deserialization vulnerabilities | +| Fastjson Vulnerability Detection | `fastjson` | Advanced | Detects Fastjson series vulnerabilities | + + +## ⚡️ Advanced Usage + +For the following advanced usage, please see https://docs.xray.cool/. + +- Modify configuration file +- Capture HTTPS traffic +- Modify HTTP request configuration +- Use of the back-connect platform - ... -## 😘 Contribute POC +## 😘 Contribute POCs -The progress of xray is inseparable from the support of all masters. Upholding the spirit of mutual assistance and joint construction, in order to let us make progress together, xray has also opened the channel of "PoC collection"! Here you will get: +The progress of xray cannot be achieved without the support of many contributors. In the spirit of mutual assistance and co-construction, to help us all progress together, xray has also opened a channel for "POC inclusion"! Here you will get: -### How to Submit +### Submission Process -1. Contributors should submit their work using a Pull Request to the xray community repository on GitHub. For POCs, use this link: https://github.com/chaitin/xray/tree/master/pocs, and for fingerprint recognition scripts, use this one: https://github.com/chaitin/xray/tree/master/fingerprints -2. In the Pull Request, fill out the POC information using the provided template -3. Our team will review the Pull Request and decide whether to include it in the repository -4. Keep in mind that to earn rewards for your POC, you'll need to submit it to the CT stack. +1. Contributors submit to the GitHub xray community repository via PR. POC submission location: https://github.com/chaitin/xray/tree/master/pocs, fingerprint script submission location: https://github.com/chaitin/xray/tree/master/fingerprints +2. Fill in the POC information according to the Pull Request template in the PR. +3. Internal review of the PR to determine whether to merge into the repository. +4. Note: To receive POC rewards, you need to submit your POC to the CT stack to receive the rewards. -### Great Rewards +### Generous Rewards -- Contributing to PoC earns generous points rewards and provides a fulfilling sense of accomplishment. -- Choose from over 50 types of peripheral gifts in our abundant gift redemption area. -- Regularly redeem JD Cards online and get one step closer to financial freedom. -- Get the opportunity to enter the core community, receive special tasks, and earn high rewards. +- Contribute POCs to receive **generous gold rewards** with a sense of accomplishment; +- **Rich gift** redemption area, with over 50 kinds of peripheral gifts to choose from; +- Regularly launch JD card redemption, getting **closer to financial freedom**; +- Opportunity to enter the core community, receive special tasks, and earn **high bounties**; -### Perfect Tutorial +### Comprehensive Tutorials -- Perfect PoC writing tutorials and guidance help you get started quickly and avoid detours. +- Comprehensive **POC writing tutorials and guidance** to help you get started quickly and avoid pitfalls; ### Learning and Communication -- Interact face-to-face with contributors and developers to comprehensively improve various abilities. -- Get a direct interview opportunity without a written test, and turn your desired job into a reality. +- **Face-to-face learning and communication opportunities** with contributors and developers, improving comprehensive skills; +- **Direct interview opportunities** without written tests, making good jobs not just a dream; -If you have successfully contributed PoC but have not entered the contributor group, please add customer service WeChat: +If you have successfully contributed a POC but have not yet - - -Provide your CT stack platform registration id for verification, and you can join the group after the verification is passed! - -See: https://docs.xray.cool/#/guide/contribute +joined the group, please add the customer service WeChat: -## 🔧 Surrounding ecology + -### POC authoring aids +Provide the platform registration ID for verification. Once verified, you can join the group! -The tool can assist in generating POC, and the online version supports * * poc duplicate check * *, and the local version supports direct contract verification +Refer to: https://docs.xray.cool/#/guide/contribute -#### Online version +## 🔧 Surrounding Ecosystem -- [**Rule Lab**](https://poc.xray.cool) -- The online version supports duplicate checking of **poc** +### POC Writing Assistant Tools -#### Local version +This tool can assist in generating POCs, and the online version supports **POC duplication checks**, while the local version supports direct packet verification. -- [**gamma-gui**]( https://github.com/zeoxisca/gamma-gui) +#### Online Version +- [**Rule Laboratory**](https://poc.xray.cool) +- The online version supports **POC duplication checks**. +#### Local Version +- [**gamma-gui**](https://github.com/zeoxisca/gamma-gui) -### Xray gui aids +### xray GUI Assistant Tools -This tool is only a simple command line wrapper, not a direct method call. In the planning of xray, there will be a truly complete GUI version of XrayPro tool in the future. Please look forward to it. +This tool is just a simple command line wrapper, not a direct method call. In the xray plan, there will be a truly complete GUI version of XrayPro in the future, so stay tuned. -- [**super-xray**]( https://github.com/4ra1n/super-xray) +- [**super-xray**](https://github.com/4ra1n/super-xray) -## 📝 Discussion area +## 📝 Discussion Area -Feedback of false positives,false negatives, please don’t hesitate to contact us. Be sure to read https://docs.xray.cool/#/guide/feedback first +Before submitting false positives, missed reports, or requests, please be sure to read https://docs.xray.cool/#/guide/feedback. -If you have a question, you can ask it on GitHub or in the discussion group below +If you have any questions, you can submit an issue on GitHub or join the discussion groups below. 1. GitHub issue: https://github.com/chaitin/xray/issues -2. Wechat official account: Scan the following QR code on wechat and subscribe us + +2. WeChat Official Account: Scan the QR code below to follow us -3. Wechat group: Please add the WeChat official account and click "联系我们" -> "加群", and then scan the QR code to join the group +3. WeChat Group: Add the WeChat official account, click "Contact Us" -> "Join Group", and then scan the QR code to join the group. -4. QQ group: 717365081 +4. QQ Group: 717365081 \ No newline at end of file