{"id":14637824,"url":"https://github.com/yhy0/ChYing","last_synced_at":"2025-09-07T06:31:01.503Z","repository":{"id":167542880,"uuid":"631828000","full_name":"yhy0/ChYing","owner":"yhy0","description":"承影 - 一款安全工具箱,集成了目录扫描、JWT、Swagger 测试、编/解码、轻量级 BurpSuite、杀软辅助功能","archived":false,"fork":false,"pushed_at":"2023-06-11T03:39:40.000Z","size":6858,"stargazers_count":376,"open_issues_count":3,"forks_count":25,"subscribers_count":8,"default_branch":"main","last_synced_at":"2024-12-30T15:19:45.929Z","etag":null,"topics":["bbscan","burpsuite","dirsearch","golang","jwt","swagger","vulnerability-scanner","wails","web-vulnerability-scanners"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/yhy0.png","metadata":{"files":{"readme":"README-en.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-04-24T06:33:44.000Z","updated_at":"2024-12-23T03:59:19.000Z","dependencies_parsed_at":"2024-06-19T17:11:08.997Z","dependency_job_id":"b88144a8-a347-4ad5-8ebb-1d63f333d8de","html_url":"https://github.com/yhy0/ChYing","commit_stats":null,"previous_names":["yhy0/chying"],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yhy0%2FChYing","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yhy0%2FChYing/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yhy0%2FChYing/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yhy0%2FChYing/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/yhy0","download_url":"https://codeload.github.com/yhy0/ChYing/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":232182986,"owners_count":18484717,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bbscan","burpsuite","dirsearch","golang","jwt","swagger","vulnerability-scanner","wails","web-vulnerability-scanners"],"created_at":"2024-09-10T02:01:17.050Z","updated_at":"2025-01-02T10:30:55.070Z","avatar_url":"https://github.com/yhy0.png","language":"Go","funding_links":[],"categories":["漏洞扫描","Go"],"sub_categories":[],"readme":"## ChYing\n\n\u003cp align=\"center\"\u003e\n将旦昧爽之交，日夕昏明之际，北面而察之，淡淡焉若有物存，莫识其状。其所触也，窃窃然有声，经物而物不疾也。\n  \u003cbr/\u003e\n  \u003cbr/\u003e\n  \u003ca href=\"https://github.com/yhy0/ChYing/blob/main/LICENSE\"\u003e\n    \u003cimg alt=\"Release\" src=\"https://img.shields.io/github/license/yhy0/ChYing\"/\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://github.com/yhy0/ChYing\"\u003e\n    \u003cimg alt=\"Release\" src=\"https://img.shields.io/badge/release-v1.1-brightgreen\"/\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://github.com/yhy0/ChYing\"\u003e\n    \u003cimg alt=\"GitHub Repo stars\" src=\"https://img.shields.io/github/stars/yhy0/ChYing?color=9cf\"/\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://github.com/yhy0/ChYing\"\u003e\n    \u003cimg alt=\"GitHub forks\" src=\"https://img.shields.io/github/forks/yhy0/ChYing\"/\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://github.com/yhy0/ChYing\"\u003e\n    \u003cimg alt=\"GitHub all release\" src=\"https://img.shields.io/github/downloads/yhy0/ChYing/total?color=blueviolet\"/\u003e\n  \u003c/a\u003e\n\u003c/p\u003e\n\u003cdiv align=\"center\"\u003e\n\u003cstrong\u003e\n\u003csamp\u003e\n\n[简体中文](./README.md) · [English](./README-en.md)\n\n\u003c/samp\u003e\n\u003c/strong\u003e\n\u003c/div\u003e\n\n\nChYing is a comprehensive security toolbox designed to simplify various security testing tasks. It provides a range of features and tools, including directory scanning, JWT , Swagger API testing, encoding/decoding utilities, a lightweight BurpSuite alternative, and antivirus assistance. ChYing aims to assist security professionals and developers in identifying vulnerabilities and strengthening the security of their applications.\n\nhttps://github.com/yhy0/ChYing/assets/31311038/54cc1130-fb95-4a8f-b90e-3479e9c5a2c7\n\n\u003cvideo controls=\"controls\" loop=\"loop\" autoplay=\"autoplay\"\u003e \n    \u003csource src=\"images/ChYing.mp4\" type=\"video/mp4\"\u003e\n\u003c/video\u003e\n\n## Project Setup\n\nhttps://wails.io/docs/gettingstarted/installation/\n\nInstall **Wails**.\n\nThen run `wails build`.\n\n## Features\n\n### Directory Scanning\n\nScanning using dictionary rules extracted from [dirsearch](https://github.com/maurosoria/dirsearch). Currently, only scans a single level of directories. Future considerations include traversing multiple levels of directories based on the discovered directories.\n\nScanning with [bbscan](https://github.com/lijiejie/bbscan) rules.\n\n### Swagger Testing\n\nUnauthenticated, SSRF, and injection testing on `swagger api`.\n\n### 403 Bypass\n\nAutomatic 403 bypass for the Swagger features.\n\nhttps://github.com/devploit/dontgo403\n\nhttps://infosecwriteups.com/403-bypass-lyncdiscover-microsoft-com-db2778458c33\n\n### JWT\n\n- JWT token parsing with visual display similar to [jwt.io](https://jwt.io/).\n- JWT key cracking.\n\n### NucleiY\n\nKey vulnerability scanning based on nuclei\n\nhttps://github.com/yhy0/nucleiY\n\n### BurpSuite\n\nUtilizing the features of the [go-mitmproxy](https://github.com/lqqyt2423/go-mitmproxy) project to replicate BurpSuite functionality.\n\n[Certificate Installation](https://github.com/lqqyt2423/go-mitmproxy#usage):\n\nAfter launching, the default HTTP proxy address is set to port 9080.\n\nFor the first launch, you need to install a certificate to decrypt HTTPS traffic. The certificate will be automatically generated after the first launch command and saved in ~/.mitmproxy/mitmproxy-ca-cert.pem. The installation steps can be found in the Python mitmproxy documentation: [Certificates](https://docs.mitmproxy.org/stable/concepts-certificates/).\n\n-   [x] Proxy module\n-   [x] Repeater module\n-   [x] Intruder module\n\n### Configurable Dictionaries\n\nVarious dictionary files are used. On the first run, the built-in dictionaries will be released to the `.config/ChYing` directory in the user's folder, and they will be read on each subsequent run.\n\n### Encoding and Decoding\nUnicode, URL, Hex, Base64 encoding/decoding.\n\nMD5 encryption.\n\n### Antivirus Recognition\n\nhttps://github.com/gh0stkey/avList/blob/master/avlist.js\n\n## Issues\nLack of frontend expertise; heavily reliant on ChatGPT.\n\n- Currently, each tab page needs to be clicked to activate it, which means BurpSuite requires clicking through each page before using it.\n- Intruder module\n  - The Attack display cannot switch to other Intruder tab pages, otherwise the results won't be displayed. It's a frontend data binding issue. Still figuring out the best way to address it.\n\n## License\n\nThis code is distributed under the [AGPL-3.0 license](https://github.com/yhy0/ChYing/blob/main/LICENSE). See [LICENSE](https://github.com/yhy0/ChYing/blob/main/LICENSE) in this directory.\n\n## Acknowledgements\n\nSpecial thanks to [JetBrains](https://www.jetbrains.com/) for providing a range of powerful IDEs and supporting this project.\n\n![JetBrains Logo (Main) logo](https://resources.jetbrains.com/storage/products/company/brand/logos/jb_beam.svg)\n\n\nhttps://github.com/lijiejie/bbscan\n\nhttps://github.com/maurosoria/dirsearch\n\nhttps://github.com/devploit/dontgo403\n\nhttps://github.com/lqqyt2423/go-mitmproxy\n\nhttps://github.com/gh0stkey/avList/\n\nhttps://wails.io/\n\nhttps://www.naiveui.com/\n\n## Star History\n\n[![Star History Chart](https://api.star-history.com/svg?repos=yhy0/ChYing\u0026type=Date)](https://star-history.com/#yhy0/ChYing\u0026Date)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyhy0%2FChYing","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fyhy0%2FChYing","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyhy0%2FChYing/lists"}