{"id":48745993,"url":"https://github.com/mouseww/anything-analyzer","last_synced_at":"2026-06-01T17:00:45.950Z","repository":{"id":350830013,"uuid":"1208430144","full_name":"Mouseww/anything-analyzer","owner":"Mouseww","description":"全能协议分析工具：浏览器抓包 + MITM 代理 + 指纹伪装 + AI 分析 + MCP Server 无缝对接 AI Agent/IDE   |  All-in-one protocol analysis toolkit — built-in browser capture, MITM proxy, JS hooks, fingerprint spoofing, AI analysis \u0026 MCP server for agent integration","archived":false,"fork":false,"pushed_at":"2026-05-28T06:47:18.000Z","size":973,"stargazers_count":2702,"open_issues_count":37,"forks_count":526,"subscribers_count":10,"default_branch":"main","last_synced_at":"2026-05-28T08:20:39.627Z","etag":null,"topics":["2api","ai-tools","analysis-cli","api-analysis","automation-tools","blackbox-testing","network-analysis","protocol-analysis","reverse-engineering","traffic-analysis"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Mouseww.png","metadata":{"files":{"readme":"README.en.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-04-12T09:12:57.000Z","updated_at":"2026-05-28T07:21:58.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/Mouseww/anything-analyzer","commit_stats":null,"previous_names":["mouseww/anything-analyzer"],"tags_count":37,"template":false,"template_full_name":null,"purl":"pkg:github/Mouseww/anything-analyzer","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mouseww%2Fanything-analyzer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mouseww%2Fanything-analyzer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mouseww%2Fanything-analyzer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mouseww%2Fanything-analyzer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Mouseww","download_url":"https://codeload.github.com/Mouseww/anything-analyzer/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mouseww%2Fanything-analyzer/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33784631,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-01T02:00:06.963Z","response_time":115,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["2api","ai-tools","analysis-cli","api-analysis","automation-tools","blackbox-testing","network-analysis","protocol-analysis","reverse-engineering","traffic-analysis"],"created_at":"2026-04-12T11:02:56.021Z","updated_at":"2026-06-01T17:00:45.944Z","avatar_url":"https://github.com/Mouseww.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Anything Analyzer\n\n[English](README.en.md) | [简体中文](README.md)\n\n\u003e **Web pages, desktop apps, terminal commands, Python scripts, mobile apps -- no matter where traffic comes from, capture it and let AI reverse engineer it automatically.**\n\n[![Electron](https://img.shields.io/badge/Electron-35-blue)](https://www.electronjs.org/)\n[![React](https://img.shields.io/badge/React-19-61dafb)](https://react.dev/)\n[![TypeScript](https://img.shields.io/badge/TypeScript-5-3178c6)](https://www.typescriptlang.org/)\n[![License](https://img.shields.io/badge/License-MIT-green)](LICENSE)\n\n\u003cimg alt=\"Anything Analyzer Screenshot\" src=\"https://github.com/user-attachments/assets/87f24186-ea00-4a03-9634-4d7af4b224d4\" /\u003e\n\n---\n\n## Why Anything Analyzer?\n\nTraditional tools each cover only one area: DevTools is for browsers, Fiddler/Charles are for proxies, and Wireshark does not decrypt HTTPS. After capture, you still have to sift through hundreds of requests and analyze them manually.\n\n**Anything Analyzer is different -- full scenario capture + AI automatic analysis:**\n\n```\n  Web            Desktop apps        Terminal        Scripts        Mobile / IoT\n  Chrome         Postman             curl/wget       Python         App / Mini Program\n    |            Electron              |             Node.js          |\n    |              |                   |               |              |\n    v              v                   v               v              v\n ┌──────────┐ ┌──────────────────────────────────────────────────────────┐\n │ Embedded │ │            MITM Proxy (port 8888)                         │\n │ Browser  │ │  System proxy / manual / Wi-Fi proxy                      │\n │  (CDP)   │ └──────────────────────────┬───────────────────────────────┘\n └────┬─────┘                            |\n      |                                  |\n      └──────────┬───────────────────────┘\n                 v\n        ┌─────────────────┐\n        │ Unified Session │  \u003c- All sources flow into one session\n        └────────┬────────┘\n                 v\n        ┌─────────────────┐\n        │ AI Analysis     │  \u003c- One-click protocol reverse / security / crypto report\n        └─────────────────┘\n```\n\n---\n\n## Three Core Capabilities\n\n### 1. Capture across all scenarios -- anything, not just browsers\n\n| Target | How to capture | Typical use cases |\n|--------|----------------|------------------|\n| **Web** | Use the embedded browser directly | Web API reverse engineering, OAuth login, frontend crypto |\n| **Desktop apps** | MITM proxy + system proxy | Postman, Electron apps, game clients |\n| **Terminal commands** | MITM proxy + environment variables | curl, wget, httpie |\n| **Scripts** | MITM proxy + code config | Python requests, Node.js fetch, Go http |\n| **Mobile / tablets** | MITM proxy + Wi-Fi proxy | iOS/Android apps, mini programs, H5 |\n| **IoT / other devices** | MITM proxy + gateway proxy | Smart home, embedded HTTP traffic |\n\nAll sources are **merged into a single Session**, and AI analyzes them together.\n\n### 2. AI analysis -- more than capture, automatic protocol understanding\n\n- **Two-phase analysis** -- Phase 1 filters noise requests, Phase 2 focuses on deep analysis\n- **5 analysis modes** -- Auto detect / API reverse / security audit / performance / JS crypto reverse\n- **JS Hook injection** -- Intercepts fetch, XHR, crypto.subtle, CryptoJS, SM2/3/4 crypto calls\n- **Crypto code extraction** -- Extracts crypto-related code snippets from JS files\n- **Streaming output + follow-ups** -- Reports stream in real time and support multi-round Q\u0026A\n\n### 3. MCP ecosystem integration -- capture tool for AI agents\n\n- **MCP Client** -- Connect to external MCP servers (stdio + StreamableHTTP) to extend AI analysis\n- **Built-in MCP Server** -- Expose capture and analysis as MCP tools for Claude Desktop, Cursor, and more\n\n---\n\n## Use Cases\n\n| Scenario | Traffic source | What you get |\n|----------|----------------|--------------|\n| **Reverse a website API** | Embedded browser | API endpoints + auth flow + Python reproduction code |\n| **Reverse an app protocol** | Mobile Wi-Fi proxy | Hidden APIs + request signing logic |\n| **JS crypto reverse** | Embedded browser + JS Hook | Crypto algorithm ID + flow reconstruction + Python implementation |\n| **Security audit** | Browser + proxy mix | Token leaks, CSRF/XSS, sensitive data exposure |\n| **Debug CLI tools** | Terminal curl/httpie | Full request/response logs + AI step-by-step explanations |\n| **Debug microservices** | Scripts + env proxy | Service call chains + auth propagation analysis |\n\n---\n\n## Quick Start\n\n### Download and install\n\nGet the installer for your platform from [Releases](https://github.com/Mouseww/anything-analyzer/releases):\n\n| Platform | File |\n|----------|------|\n| Windows | `Anything-Analyzer-Setup-x.x.x.exe` |\n| macOS (Apple Silicon) | `Anything-Analyzer-x.x.x-arm64.dmg` |\n| macOS (Intel) | `Anything-Analyzer-x.x.x-x64.dmg` |\n| Linux | `Anything-Analyzer-x.x.x.AppImage` |\n\n### Capture web traffic -- embedded browser\n\n1. **Configure LLM** -- Settings -\u003e LLM, fill in API Key (OpenAI / Anthropic / any compatible API)\n2. **Create a new Session** -- enter a name and target URL\n3. **Interact and capture** -- use the embedded browser, click Start Capture\n4. **AI analysis** -- stop capture, click Analyze, choose analysis mode\n\n### Capture apps/terminal/mobile -- MITM proxy\n\n1. Settings -\u003e MITM Proxy -\u003e **install CA certificate**\n2. **Enable proxy** (default port `8888`)\n3. Configure proxy by scenario:\n\n```bash\n# ---- Terminal commands ----\ncurl -x http://127.0.0.1:8888 https://api.example.com/data\n\n# ---- Python script ----\nproxies = {\"http\": \"http://127.0.0.1:8888\", \"https\": \"http://127.0.0.1:8888\"}\nrequests.get(\"https://api.example.com/data\", proxies=proxies)\n\n# ---- Node.js ----\nHTTP_PROXY=http://127.0.0.1:8888 HTTPS_PROXY=http://127.0.0.1:8888 node app.js\n\n# ---- System-wide (desktop apps follow proxy) ----\n# Use the one-click \"Set as system proxy\" in Settings\n\n# ---- Mobile / tablets ----\n# Wi-Fi Settings -\u003e HTTP Proxy -\u003e Manual -\u003e enter computer IP + port 8888\n# Then open the proxy address in a phone browser to download and install the CA certificate\n```\n\n4. Create a Session (URL can be empty) -\u003e Start Capture -\u003e external app traffic flows in\n\n\u003cdetails\u003e\n\u003csummary\u003eCA certificate details\u003c/summary\u003e\n\n- Cert storage: `%APPDATA%/anything-analyzer/certs/` (Windows) / `~/Library/Application Support/anything-analyzer/certs/` (macOS)\n- Admin permissions required on first install (Windows UAC / macOS password)\n- Settings allows uninstall, regenerate, or export at any time\n- Root CA is valid for 10 years, leaf certs 825 days (Apple requirement)\n- MITM proxy is **read-only capture**, it does not modify requests/responses\n- WebSocket traffic is tunneled, not decrypted\n- Per-body size limit 1MB, binary content is skipped\n\n\u003c/details\u003e\n\n---\n\n## All Features\n\n\u003cdetails\u003e\n\u003csummary\u003eExpand to see full feature list\u003c/summary\u003e\n\n**Capture engine**\n- Full network capture -- CDP Fetch interception for all HTTP requests/responses (headers, body)\n- MITM proxy -- built-in HTTPS MITM proxy, auto-issues TLS certs with per-domain LRU cache\n- Dual-channel capture -- browser CDP + MITM proxy into one session\n- SSE / WebSocket detection -- auto detect streaming and upgrade requests\n- Storage snapshots -- periodic Cookie, localStorage, sessionStorage collection\n- Domain filters -- group/filter by domain with partial match search\n- Source tags -- distinguish \"CDP\" and \"Proxy\" sources\n- Export requests -- export raw request data to JSON files\n\n**Browser**\n- Multi-tab -- auto-capture popups into internal tabs (OAuth friendly)\n- Tab protection -- prevent window.close from killing tabs, auto-restore last tab\n- One-click clean environment -- clear cookies, localStorage, sessionStorage, cache\n\n**AI analysis**\n- Two-phase analysis -- Phase 1 filtering -\u003e Phase 2 deep analysis, AI reads details on demand\n- Manual multi-select analysis -- analyze selected requests without pre-filtering\n- Custom prompt templates -- built-in templates plus custom ones\n- Streaming output + follow-ups -- live report display with multi-round chat\n\n**System**\n- System proxy integration -- one-click system proxy (Windows registry / macOS networksetup / Linux gsettings)\n- CA certificate management -- install / uninstall / regenerate / export across platforms\n- Global proxy -- SOCKS5/HTTP/HTTPS proxy support\n- Auto update -- built-in electron-updater\n- Dark theme -- modern UI based on Ant Design\n\n\u003c/details\u003e\n\n---\n\n## Build from Source\n\n```bash\ngit clone https://github.com/MouseWW/anything-analyzer.git\ncd anything-analyzer\npnpm install\npnpm dev        # dev mode\npnpm test       # run tests\npnpm build \u0026\u0026 npx electron-builder --win  # build Windows installer\n```\n\n\u003e macOS release note: auto-update requires **signed and notarized** installers. Before publishing mac builds from GitHub Actions, configure `CSC_LINK`, `CSC_KEY_PASSWORD`, `APPLE_ID`, `APPLE_APP_SPECIFIC_PASSWORD`, and `APPLE_TEAM_ID` in repository secrets, otherwise `ShipIt` cannot install updates.\n\n**Requirements:** Node.js \u003e= 18, pnpm, Visual Studio Build Tools (Windows)\n\n## Tech Stack\n\n| Layer | Technology |\n|-------|------------|\n| Framework | Electron 35 + electron-vite |\n| Frontend | React 19 + Ant Design 5 + TypeScript |\n| Database | better-sqlite3 (local SQLite) |\n| Protocol | Chrome DevTools Protocol (CDP) |\n| Proxy | Built-in MITM HTTPS proxy (node-forge TLS) |\n| AI | OpenAI / Anthropic / Custom LLM (Chat Completions + Responses API) |\n| AI extensions | MCP Client (stdio + StreamableHTTP) + built-in MCP Server |\n\n\u003cdetails\u003e\n\u003csummary\u003eProject structure\u003c/summary\u003e\n\n```\nsrc/\n├── main/                    # Electron main process\n│   ├── ai/                  # AI pipeline (two-phase orchestration, prompts, LLM routing)\n│   ├── capture/             # Capture engine (CDP Fetch + JS Hook + storage snapshots)\n│   ├── cdp/                 # Chrome DevTools Protocol management\n│   ├── proxy/               # MITM proxy (CA management, cert issuance, system proxy)\n│   ├── mcp/                 # MCP Client + built-in MCP Server\n│   ├── db/                  # SQLite data layer\n│   └── session/             # Session lifecycle management\n├── preload/                 # Context bridge + hook injection scripts\n├── renderer/                # React UI (components + hooks)\n└── shared/                  # Shared type definitions\n```\n\n\u003c/details\u003e\n\n---\n\nThis project **does not** include the following capabilities:\n- Illegal access to computer data\n- Illegal modification of computer data\n- Illegal control of computer systems\n- Destruction of computer systems\n- Built-in AI models (you must configure your own model and use it in compliance with regulations)\n\n**Do not use this tool for any activity that violates the laws of the PRC.**\n\n---\n\nThanks to everyone on [LinuxDo](https://linux.do/) for their support!\n\n---\n\n## Recommended Resources\n\n|:---:|---|\n| \u003ca href=\"https://doloffer.com/friend/Pa34D0CG\"\u003e\u003cimg src=\"resources/doloffer-logo.png\" width=\"180\" alt=\"Doloffer\"\u003e\u003c/a\u003e | **[Doloffer](https://doloffer.com/friend/Pa34D0CG)** — GPT / Claude subscriptions at discounted prices. Genuine licenses, hassle-free support.\u003cbr\u003e📖 [Guide](https://github.com/Doloffer-g/guide) \\| 🎁 Promo code: `Al8888` (10% off) |\n\n## Star History\n\n[![Star History Chart](https://api.star-history.com/svg?repos=Mouseww/anything-analyzer\u0026type=Date)](https://star-history.com/#Mouseww/anything-analyzer\u0026Date)\n\n## License\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmouseww%2Fanything-analyzer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmouseww%2Fanything-analyzer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmouseww%2Fanything-analyzer/lists"}