{"id":13575926,"url":"https://github.com/iSafeBlue/TrackRay","last_synced_at":"2025-04-05T05:30:31.506Z","repository":{"id":41128711,"uuid":"155206197","full_name":"iSafeBlue/TrackRay","owner":"iSafeBlue","description":"溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）","archived":false,"fork":false,"pushed_at":"2023-12-16T16:35:33.000Z","size":132225,"stargazers_count":2047,"open_issues_count":24,"forks_count":375,"subscribers_count":51,"default_branch":"master","last_synced_at":"2025-03-31T20:07:50.053Z","etag":null,"topics":["pentest","vulnerability"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/iSafeBlue.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2018-10-29T12:13:23.000Z","updated_at":"2025-03-28T21:07:34.000Z","dependencies_parsed_at":"2022-07-14T23:30:38.279Z","dependency_job_id":"c21262c0-9ea5-4553-a27f-68aece168eb5","html_url":"https://github.com/iSafeBlue/TrackRay","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/iSafeBlue%2FTrackRay","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/iSafeBlue%2FTrackRay/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/iSafeBlue%2FTrackRay/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/iSafeBlue%2FTrackRay/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/iSafeBlue","download_url":"https://codeload.github.com/iSafeBlue/TrackRay/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247293989,"owners_count":20915329,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["pentest","vulnerability"],"created_at":"2024-08-01T15:01:05.494Z","updated_at":"2025-04-05T05:30:26.944Z","avatar_url":"https://github.com/iSafeBlue.png","language":"Java","funding_links":[],"categories":["Java","测试","Java (504)"],"sub_categories":[],"readme":"\n\u003cdiv align=\"center\"\u003e\n\n\n![](docs/img/logo.png)\n\n\u003cbr/\u003e\n\n![](https://img.shields.io/badge/KCon-%E5%85%B5%E5%99%A8%E8%B0%B1-red)\n![](https://img.shields.io/badge/version-3.2.1-success)\n![](https://img.shields.io/github/stars/iSafeBlue/Trackray.svg)\n![](https://img.shields.io/github/forks/iSafeBlue/Trackray.svg)\n![](https://img.shields.io/github/license/iSafeBlue/Trackray.svg)\n![](https://img.shields.io/github/issues/iSafeBlue/Trackray.svg)    \n\n\u003cbr/\u003e\n\n\u003c/div\u003e\n\n\n## ✨关于溯光\n\n**溯光**，英文名“**TrackRay**”，意为逆光而行，追溯光源。同时致敬安全圈前辈开发的“溯雪”，“流光”。\n\n溯光是一个开源渗透测试框架，框架自身实现了漏洞扫描功能，集成了知名安全工具：Metasploit、Nmap、Sqlmap、AWVS、Burpsuite等。\n\n溯光使用 Java 编写，SpringBoot 作为基础框架，JPA + HSQLDB嵌入式数据库做持久化，Maven 管理依赖，Jython 管理 Python 插件，quartz 做任务调度，freemarker 做视图层，Websocket 实现命令行式插件交互。\n\n如有任何使用上的问题请提交 issue。如果你具备插件开发的能力，希望你也能一起来维护这个项目。\n\n项目开发不易，如果对你有帮助请下 star 以示鼓励。\n\n## ⭐️特点 \n\n- 使用只需要一个浏览器\n- 集成 AWVS、SQLMap、NMap、Metasploit、Burpsuite、Crawlergo、Kunpeng、XRay 等安全工具\n- 内置多个渗透测试辅助插件\n- 方便、开源\n\n## ❗️申明 \n\n本项目禁止用于**商业用途**\n\n溯光开发的初衷是方便安全研究者**检测漏洞以及教育学习使用**。\n\n溯光**严格禁止一切通过本程序进行的违反任何国家法律行为**，请在合法范围内使用本程序。\n\n我们不会上传未公开的漏洞插件，也不允许插件中存在破坏性的语句，目前module模块只写了几个有代表性的模块供开发者参考。\n\n使用本程序则**默认视为**你**同意**我们的规则，请您务必遵守**道德与法律准则**。\n\n如不遵守，**后果自负**，开发者将不承担任何责任！\n\n## ⚡️快速使用 \n\n#### docker启动\n1. `git clone --depth=1 https://github.com/iSafeBlue/TrackRay.git` 或下载 [releases](https://github.com/iSafeBlue/TrackRay/releases) 最新版本源码\n2. `docker build -t trackray_beta .` 构建镜像\n3. `docker run -dit -p 80:80 --name trackray_v3 trackray_beta` 启动容器，可根据需求自行设定参数\n4. `docker exec -it trackray_v3 /bin/bash` 进入溯光工作目录\n5. 启动有需要的服务，如 AWVS、msfprc、SQLMap 等。并根据自己的需求修改`application.properties`配置文件\n6. 下载溯光依赖资源文件，将文件移动到 `/release/` 目录\n7. 进入发布目录 `cd release/`，运行溯光`nohup java -jar trackray.jar \u0026` 或 `java -jar trackray.jar`，若提示未找到文件请先执行一遍`mvn clean package`\n8. 访问`http://127.0.0.1`\n\n#### 本地启动\n1. `git clone --depth=1 https://github.com/iSafeBlue/TrackRay.git` 或下载 [releases](https://github.com/iSafeBlue/TrackRay/releases) 最新版本源码\n2. 启动有需要的服务，如AWVS、msfprc、SQLMap等。并根据自己的需求修改`application.properties`配置文件或直接通过启动参数配置\n3. 下载溯光依赖资源文件，将文件移动到 `/release/` 目录\n4. 执行 Maven 编译命令 `mvn clean package` \n5. 进入发布目录 `cd release/`，运行溯光`nohup java -jar trackray.jar \u0026` 或 `java -jar trackray.jar`\n6. 访问`http://127.0.0.1`\n\n\n#### 溯光依赖资源\n\n\u003e 链接: https://pan.baidu.com/s/1lVAcB1r4gLJxzYXWtSs5xg 提取码: eexr\n\n下载资源文件解压后将对应版本的“resource”目录移动到“release”目录下。\n\n## ❤️注意\n\n- 提问前请阅读一遍[《提问的智慧》](https://github.com/ryanhanwu/How-To-Ask-Questions-The-Smart-Way/blob/master/README-zh_CN.md)。\n- **本项目未做安全防护**，部分代码会存在安全漏洞。\n- **MSF控制台**和**交互式插件控制台**，尽量使用 Firefox 浏览器访问。\n- 开发插件建议使用 `Intellij IDEA`，需要安装 lombok 插件。\n- 登录密码在 `application.properties` 中修改 `trackray.account` 和 `trackray.password`。\n\n\n## ✏️ChangeLog \n\n| 日期 | 描述  |\n| ---- | ---- |\n| 2020-04-11 | 溯光3.2.1更新 |\n| 2020-04-11 | 溯光3.2.0更新 |\n| 2019-08-16 | 溯光3.1.0更新 |\n| 2019-05-14 | 溯光3更新 |\n| 2019-03-11 | 新增jython支持，可通过`PyScript.java`插件调用python脚本 |\n| 2019-02-02 | 修复在linux环境下相关bug |\n| 2019-01-30 | 溯光2更新 |\n| 2018-10-29 | 溯光渗透测试框架开源 |\n\n\n## 😎贡献者\n\n项目由[浅蓝](https://github.com/iSafeBlue)发起并主导开发。\n\n[致谢名单](https://github.com/iSafeBlue/TrackRay/wiki/%E8%87%B4%E8%B0%A2%E5%90%8D%E5%8D%95)\n\n\n## 🚀功能展示 \n\n#### 登录\n\n![][2]\n\n#### 任务列表\n\n![][4]\n\n#### 任务详情\n\n![1557573022.jpg][6]\n\n#### 无交互接口插件\n\n![][7]\n\n#### 部分独立插件示例\n\n![][11]\n\n![][12]\n\n![][13]\n\n![][14]\n\n#### 交互式插件控制台\n\n![][9]\n\n#### MSF 控制台\n\n![](/docs/img/msf.gif)\n\n## 💴赞助\n\n**您的捐助将被用于**\n\n* 持续开发溯光渗透测试框架\n* 社区活动\n* 奖励杰出贡献者\n\n![微信](docs/img/wx.png) ![支付宝](docs/img/ali.png)\n\n\n## ✉️交流反馈\n\nEmail: blue#ixsec.org\n\n\u003e 交流群已满员，请添加作者微信邀请入群（备注溯光）。\n\n![][10]\n\n  [1]: /docs/img/3999579642.png\n  [2]: /docs/img/242398485.png\n  [3]: /docs/img/4052103405.png\n  [4]: /docs/img/3017849620.png\n  [5]: /docs/img/4059228044.png\n  [6]: /docs/img/4094571871.png\n  [7]: /docs/img/1587610634.png\n  [9]: /docs/img/2882579563.gif\n  [10]: /docs/img/wechat.png\n  [11]: /docs/img/1565838022.jpg\n  [12]: /docs/img/1565838023.png\n  [13]: /docs/img/1565838152.jpg\n  [14]: /docs/img/1565924910.png\n    \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FiSafeBlue%2FTrackRay","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FiSafeBlue%2FTrackRay","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FiSafeBlue%2FTrackRay/lists"}