{"id":25405991,"url":"https://github.com/chainreactors/spray","last_synced_at":"2025-05-15T19:09:58.030Z","repository":{"id":171528916,"uuid":"534107831","full_name":"chainreactors/spray","owner":"chainreactors","description":"最好用最智能最可控的目录爆破工具 | The most powerful, user-friendly, intelligent, and precise HTTP buster.","archived":false,"fork":false,"pushed_at":"2025-05-12T15:03:40.000Z","size":707,"stargazers_count":690,"open_issues_count":13,"forks_count":50,"subscribers_count":7,"default_branch":"master","last_synced_at":"2025-05-12T16:26:09.641Z","etag":null,"topics":["redteam","security","security-tools"],"latest_commit_sha":null,"homepage":"https://chainreactors.github.io/wiki/spray/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/chainreactors.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2022-09-08T07:53:07.000Z","updated_at":"2025-05-12T06:21:21.000Z","dependencies_parsed_at":"2024-04-26T11:47:57.207Z","dependency_job_id":"0f79a76e-69a3-489a-8cd7-41a5115c643e","html_url":"https://github.com/chainreactors/spray","commit_stats":null,"previous_names":["chainreactors/spray"],"tags_count":47,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chainreactors%2Fspray","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chainreactors%2Fspray/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chainreactors%2Fspray/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHu
b/repositories/chainreactors%2Fspray/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/chainreactors","download_url":"https://codeload.github.com/chainreactors/spray/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254404356,"owners_count":22065641,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["redteam","security","security-tools"],"created_at":"2025-02-16T05:04:05.891Z","updated_at":"2025-05-15T19:09:57.984Z","avatar_url":"https://github.com/chainreactors.png","language":"Go","readme":"# SPRAY\n\nblog posts:\n\n- https://chainreactors.github.io/wiki/blog/2024/07/24/fingers-introduce/\n- https://chainreactors.github.io/wiki/blog/2024/08/25/spray-best-practices/\n\n![](https://socialify.git.ci/chainreactors/spray/image?description=1\u0026font=Inter\u0026forks=1\u0026issues=1\u0026language=1\u0026name=1\u0026owner=1\u0026pattern=Circuit%20Board\u0026pulls=1\u0026stargazers=1\u0026theme=Light)\n\n\u003cp align=\"center\"\u003e\n    \u003ca href=\"#features\"\u003eFeatures\u003c/a\u003e •\n    \u003ca href=\"#quickstart\"\u003eQuickStart\u003c/a\u003e •\n    \u003ca href=\"#make\"\u003eMake\u003c/a\u003e •\n    \u003ca href=\"https://chainreactors.github.io/wiki/spray/\"\u003eWiki\u003c/a\u003e\n\u003c/p\u003e\n\n## Features\n\n**The most user-friendly, intelligent, and controllable directory brute-forcing tool**\n\n* Very high performance: in local tests of peak throughput, it outperforms ffuf and feroxbuster by more than 50%. In real-world use the network is the limiting factor, so the difference is less noticeable, but it becomes clear when scanning multiple targets.\n* Mask-based wordlist generation\n* Rule-based wordlist generation\n* Dynamic intelligent filtering with custom filter strategies\n* Full [gogo](https://github.com/chainreactors/gogo) fingerprint identification, plus the full [fingerprinthub](https://github.com/0x727/FingerprintHub) and [wappalyzer](https://github.com/projectdiscovery/wappalyzergo) fingerprint sets\n* Custom information extraction, with built-in rules for extracting sensitive information\n* Custom output format and content\n* *nix-style command-line design that chains easily with other tools\n* Automatic detection, from multiple angles, of being banned or blocked by a WAF\n* Resumable scans\n\n## QuickStart\n\n[**Document**](https://chainreactors.github.io/wiki/spray/start)\n\n### Basic usage\n\n**Brute-force directories read from wordlists**\n\n`spray -u http://example.com -d wordlist1.txt -d wordlist2.txt`\n\n**Brute-force with a wordlist generated from a mask**\n\n`spray -u http://example.com -w \"/aaa/bbb{?l#4}/ccc\"`\n\n**Brute-force with a wordlist generated from rules**\n\nThe rule file format follows hashcat's wordlist generation rules.\n\n`spray -u http://example.com -r rule.txt -d 1.txt`\n\n**Brute-force multiple targets in batch**\n\n`spray -l url.txt -r rule.txt -d 1.txt`\n\n**Resume an interrupted scan**\n\n`spray --resume stat.json`\n\n### Advanced usage\n\n**check-only mode**\n\nA mode for collecting information from single pages, similar to ehole/httpx, with performance optimizations targeted at this use. It uses the [templates](https://github.com/chainreactors/templates/tree/master/fingers) fingerprint library by default; `--finger` enables matching against third-party fingerprint libraries.\n\n`spray -l url.txt --check-only`\n\n**Enable extended fingerprint identification**\n\nActively probes common fingerprint directories and additionally enables the fingerprinthub and wappalyzer extended fingerprint libraries.\n\n`spray -u http://example.com --finger`\n\n**Enable the crawler**\n\n`spray -u http://example.com --crawl`\n\n**Scan for backup files and common generic files**\n\n`spray -u http://example.com --bak --common`\n\n**Enable all plugins**\n\n`spray -u http://example.com -a`\n\n**Passive URL collection**\n\nSee: https://github.com/chainreactors/urlfounder\n\n## Wiki\n\nFor detailed usage, see the [wiki](https://chainreactors.github.io/wiki/spray/)\n\nhttps://chainreactors.github.io/wiki/spray/\n\n## Make\n\n```\ngit clone --recurse-submodules https://github.com/chainreactors/spray\n\ncd spray\n\ngo mod tidy\n\ngo generate\n\ngo build .  
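\n```\n\n## Similar or related works\n\n* [ffuf](https://github.com/ffuf/ffuf) An excellent HTTP fuzzing tool; its functionality overlaps with spray's to some extent but is not identical\n* [feroxbuster](https://github.com/epi052/feroxbuster) The directory brute-forcing tool I used most before writing spray; I chose to write my own because batch scanning and filter configuration were inconvenient\n* [dirsearch](https://github.com/maurosoria/dirsearch) An earlier directory brute-forcing tool; spray borrows some of its wordlist generation and color scheme\n* [httpx](https://github.com/projectdiscovery/httpx) HTTP information gathering; spray borrows its ability to write arbitrary filter conditions in a scripting language\n* [gobuster](https://github.com/OJ/gobuster) A brute-forcing tool also written in Go, but not limited to directory brute-forcing\n\n## TODO\n\n1. [x] Fuzzy comparison\n2. [x] Resumable scans\n3. [x] Simple crawler\n4. [x] HTTP/2 support\n5. [ ] auto-tune: automatically adjust the concurrency level\n6. [x] Customizable recursion configuration\n7. [x] Automatically brute-force backups of valid directories, modeled on [feroxbuster](https://github.com/epi052/feroxbuster)'s `--collect-backups`\n8. [x] SOCKS/HTTP proxy support; not recommended and low priority. Proxy keep-alive causes a severe performance drop\n9. [ ] Cloud-function deployment: a general distributed solution for the chainreactors toolchain.\n\n## Thanks\n\n* [fuzzuli](https://github.com/musana/fuzzuli) provided an approach to generating backup-file wordlists\n* [fingerprinthub](https://github.com/0x727/FingerprintHub) supplements the fingerprint library\n* [wappalyzer](https://github.com/projectdiscovery/wappalyzergo) supplements the fingerprint library\n* [dirsearch](https://github.com/maurosoria/dirsearch) provided the default wordlist\n","funding_links":[],"categories":["Go","红队\u0026渗透测试"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchainreactors%2Fspray","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fchainreactors%2Fspray","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchainreactors%2Fspray/lists"}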