{"id":18836875,"url":"https://github.com/yhy0/chying","last_synced_at":"2026-02-28T09:05:16.315Z","repository":{"id":167542880,"uuid":"631828000","full_name":"yhy0/ChYing","owner":"yhy0","description":"承影，愿你在光影之间，找到属于自己的锋芒。开源的类 BurpSuite 应用 ChYing — may you find your own edge between light and shadow. An open-source, BurpSuite-like application.","archived":false,"fork":false,"pushed_at":"2026-02-21T15:19:58.000Z","size":15259,"stargazers_count":639,"open_issues_count":0,"forks_count":59,"subscribers_count":9,"default_branch":"main","last_synced_at":"2026-02-21T22:22:54.619Z","etag":null,"topics":["bbscan","burpsuite","dirsearch","golang","jwt","swagger","vulnerability-scanner","wails","web-vulnerability-scanners"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/yhy0.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":"yhy0","patreon":null,"open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"lfx_crowdfunding":null,"polar":null,"buy_me_a_coffee":null,"thanks_dev":null,"custom":null}},"created_at":"2023-04-24T06:33:44.000Z","updated_at":"2026-02-21T15:20:02.000Z","dependencies_parsed_at":"2024-06-19T17:11:08.997Z","dependency_job_id":"39518b44-9291-4622-abb6-bc5ab68d2074","html_url":"https://github.com/yhy0/ChYing","commit_stats":null,"previous_names":["yhy0/chying"],"tags_count":25,"template":false,"template_full_name":null,"purl":"pkg:github/yhy0/ChYing","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yhy0%2FChYing","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yhy0%2FChYing/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yhy0%2FChYing/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yhy0%2FChYing/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/yhy0","download_url":"https://codeload.github.com/yhy0/ChYing/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yhy0%2FChYing/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29929119,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-27T19:37:42.220Z","status":"online","status_checked_at":"2026-02-28T02:00:07.010Z","response_time":90,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bbscan","burpsuite","dirsearch","golang","jwt","swagger","vulnerability-scanner","wails","web-vulnerability-scanners"],"created_at":"2024-11-08T02:32:33.750Z","updated_at":"2026-02-28T09:05:16.295Z","avatar_url":"https://github.com/yhy0.png","language":"Go","funding_links":["https://github.com/sponsors/yhy0"],"categories":[],"sub_categories":[],"readme":"# 承影（ChYing）：三年磨一剑，一个安全人的开源梦\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"./images/b5e9f48a-d10c-4428-bad9-1673f1084af8.png\" width=\"400\" alt=\"承影\"\u003e\n\u003c/p\u003e\n\n\u003e 写在前面\n\u003e\n\u003e 2023 年 4 月，我在 GitHub 上创建了一个叫 \"承影\" 的项目。\n\u003e\n\u003e 承影，取自古代名剑，《列子·汤问篇》中记载：\"二曰承影，将旦昧爽之交，日夕昏明之际，北面而察之，淡淡焉若有物存，莫识其状。其所触也，窃窃然有声，经物而物不疾也\" 意为在光影交错之际才能隐约看见的神剑。\n\u003e\n\u003e 我希望这个工具也能如此——在渗透测试的明暗之间，成为安全人手中的利器。\n\n## 缘起：一个安全人的产品梦\n\n我是一个网络安全爱好者，热衷于开发实用、有趣的小工具。\n\n一直以来，我有一个梦想：打造一款像 Xray、BurpSuite 这样被广泛使用的安全产品。\n\n在承影之前，我还做过另一个开源项目——[Jie](https://github.com/yhy0/Jie)，一个综合性的 Web 安全评估工具，支持主被动扫描、漏洞检测、信息收集等功能，目前收获了 600+ Star。\n\n但 Jie 更偏向自动化扫描，是\"跑起来就不用管\"的那种工具。我还缺一个交互式的渗透测试平台——能抓包、能改包、能重放、能爆破，像 Burp Suite 那样，但更轻量、更现代、更\"我的\"。\n\n于是，承影诞生了。\n\n而且，我把 Jie 的扫描能力也集成了进来。承影 + Jie，一个负责交互，一个负责自动化，互为补充。\n\n## 三年：断断续续的深夜\n\n从 2023 年到现在，这个项目经历了太多：\n\n第一版（2023）：用 Wails + Vue 搭了个架子，实现了基础的代理、目录扫描、JWT 解析。界面很简陋，但能用。开源后收获了 400+ Star，说实话有点意外。\n\n沉寂期（2023-2024）：工作忙了，项目停更。但心里一直惦记着，总觉得还差点什么。\n\n重构期（2024-2025）：创建了私有仓库，137 次提交，无数个熬夜的深夜，大刀阔斧地重构。\n\n这里要说一个转折点：LLM 的出现。\n\n说实话，我的前端水平很有限，也没有时间系统学习。之前的界面之所以简陋，就是因为我只能写出那种程度的代码。\n\n但 Cursor 等 AI 编程工具出来后，一切都变了。我不再需要纠结\"这个动画效果怎么实现\"、\"这个布局用 flex 还是 grid\"——我只需要描述我想要什么，AI 帮我实现。\n\nAI 是个人能力的放大器。 它不会替你思考产品该怎么设计，但它能帮你把想法变成代码。对于我这种\"有想法但技术有短板\"的人来说，这简直是破局的关键。\n\n于是，那个在我脑海里构思了很久的\"现代化 UI\"，终于能够落地了。\n\n现在：它长这样了\n\n![image-20260112204045831](./images/image-20260112204045831.png)\n\n![image-20260112204151347](./images/image-20260112204151347.png)\n\n核心功能\n\nHTTP 代理 \u0026 流量分析\n- 实时捕获 HTTP/HTTPS 流量\n- 智能过滤（按方法、主机、状态码、路径）\n- 右键菜单一键发送到 Repeater/Intruder/扫描器\n\nRepeater（重放器）\n- 手动修改请求，反复测试\n- 支持多标签页，对比测试更方便\n\nIntruder（入侵者）\n- 自动化攻击测试\n- 支持多种 Payload 类型\n- 结果实时展示\n\nDecoder（编解码）\n- URL/Base64/Hex/Unicode 一键转换\n- MD5/SHA 哈希计算\n- 支持链式编解码\n\n插件模块\n- JWT 解析与密钥爆破\n- Swagger API 测试（未授权访问、注入检测）\n- 403 Bypass\n- Shiro 解密\n\n集成 Jie 扫描器\n- 被动流量扫描\n- 主动漏洞检测（XSS、SQL 注入、SSRF、命令执行等）\n- Nuclei POC 支持\n\n技术栈\n\n- 后端：Go（高性能、跨平台）\n- 前端：Vue 3 + TypeScript\n- 框架：Wails v3（Go + Web 的完美结合）\n- 数据库：SQLite（轻量本地存储）\n- 扫描引擎：Jie\n\nUI：液态玻璃设计\n\n这次重构最大的变化是 UI。借助 AI 的帮助，我终于实现了心中的设计：\n\n- 液态玻璃风格（Glassmorphism）：半透明、模糊背景、柔和阴影\n- 深色/浅色主题：护眼，也好看\n- 响应式布局：各种分辨率都能用\n- 流畅动画：每个交互都有反馈\n\n我不是专业设计师，但我希望每天打开这个工具时，心情是愉悦的。\n\n## 为什么现在开源？\n\n这个项目在我的私有仓库里躺了快两年。\n\n一直没开源，总觉得\"还不够好\"——功能没完善、Bug 没修完、UI 还能更好……再加上工作重心转移，渗透测试做得少了，Burp 也很久没打开。\n\n但最近想通了：完美是开源的敌人。\n\n与其让它继续躺在硬盘里，不如放出来。也许有人会觉得它有用，也许有人会帮忙改进，也许它能激发别人做类似的事情。\n\n更重要的是，我想给这三年的付出留下一点痕迹。代码会过时，技术会迭代，但这份\"想做点什么\"的心意，希望能被记住。\n\n写给同行\n\n如果你也是安全从业者，我想说：\n\n这个工具不是要取代 Burp Suite。Burp 依然是最专业、最全面的渗透测试工具。\n\n但如果你：\n- 想要一个启动更快的轻量级工具\n- 想要一个界面更现代的选择\n- 想要一个可以自己改的开源方案\n- 或者只是想看看一个安全人是怎么折腾自己的工具的\n\n那么，承影也许值得你试试。\n\n最后\n\n三年，137 次提交，无数个深夜。\n\n从一个简陋的原型，到现在这个样子。\n\n它不完美，还有很多要改进的地方。但它是我的，是我一行一行敲出来的。\n\n现在，它也可以是你的了。\n\n---\n承影 GitHub: https://github.com/yhy0/ChYing\n\nJie GitHub: https://github.com/yhy0/Jie\n\nStar 一下？ 这是对一个独立开发者最好的鼓励。\n\n---\n承影，愿你在光影之间，找到属于自己的锋芒。\n\n---","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyhy0%2Fchying","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fyhy0%2Fchying","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyhy0%2Fchying/lists"}