Skip to content

Commit

Permalink
Update README-EN.md
Browse files Browse the repository at this point in the history
  • Loading branch information
@Chanzi-keji
Chanzi-keji authored Nov 11, 2024
1 parent becede9 commit 88bfec3
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions README-EN.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@

### II. Feature Introduction
* Supported Languages: java (Servlet&filter, spring, jfinal, netty, dubbo, thirft, mybatis, dropwizard, JDK built-in httpserver, jsp, xml, yaml, properties, etc.)
* Employed Technology: Taint analysis. The "Shovel" will uniformly construct data flow diagrams for java, xml (mybatis, dubbo), etc. without the need for compilation, and then conduct taint analysis. The vulnerability results can be conveniently read in the data flow window.
* Employed Technology: Taint analysis. The "chanzi" will uniformly construct data flow diagrams for java, xml (mybatis, dubbo), etc. without the need for compilation, and then conduct taint analysis. The vulnerability results can be conveniently read in the data flow window.
* Supported Vulnerabilities: It has built-in common CWE vulnerability rules such as SQL injection, command injection, file upload, SSRF, as well as component vulnerability rules for log4j, shiro, xstream, actuator, etc.
* Exporting Reports: Users can mark the vulnerabilities and export simple vulnerability reports, including the type of vulnerability, hazard level, location, and repair suggestions, helping developers quickly locate and solve problems.
* Decompilation: It supports decompilation scanning. You can select the jar or class files that need to be decompiled when creating a new task, or you can decompile and read the code of a single class or jar file during the auditing process.
Expand All @@ -15,7 +15,7 @@
* Note: The scanning process will not upload any form of code data to the server. Please use it with confidence.

### III. Installation and Use of the Tool
* Download and Installation: Visit the official website of the "Shovel", and select the appropriate installation package according to your operating system for downloading and installation.
* Download and Installation: Visit the official website of the "chanzi", and select the appropriate installation package according to your operating system for downloading and installation.
* Environment Configuration: It has a built-in Java running environment and can be installed with one click without the need for configuration.
* Starting the Scan: After starting the program, click "New Task".
* Viewing the Results: You can view them in the vulnerability window, and sort, filter, mark, etc. the vulnerabilities as needed.
Expand Down

0 comments on commit 88bfec3

Please # to comment.