From 88bfec3f9b0bd264546ac7237dcc9da779265fd2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=93=B2=E5=AD=90=E7=A7=91=E6=8A=80?= Date: Mon, 11 Nov 2024 23:11:25 +0800 Subject: [PATCH] Update README-EN.md --- README-EN.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README-EN.md b/README-EN.md index b823c86..7840d01 100644 --- a/README-EN.md +++ b/README-EN.md @@ -6,7 +6,7 @@ ### II. Feature Introduction * Supported Languages: java (Servlet&filter, spring, jfinal, netty, dubbo, thirft, mybatis, dropwizard, JDK built-in httpserver, jsp, xml, yaml, properties, etc.) -* Employed Technology: Taint analysis. The "Shovel" will uniformly construct data flow diagrams for java, xml (mybatis, dubbo), etc. without the need for compilation, and then conduct taint analysis. The vulnerability results can be conveniently read in the data flow window. +* Employed Technology: Taint analysis. The "chanzi" will uniformly construct data flow diagrams for java, xml (mybatis, dubbo), etc. without the need for compilation, and then conduct taint analysis. The vulnerability results can be conveniently read in the data flow window. * Supported Vulnerabilities: It has built-in common CWE vulnerability rules such as SQL injection, command injection, file upload, SSRF, as well as component vulnerability rules for log4j, shiro, xstream, actuator, etc. * Exporting Reports: Users can mark the vulnerabilities and export simple vulnerability reports, including the type of vulnerability, hazard level, location, and repair suggestions, helping developers quickly locate and solve problems. * Decompilation: It supports decompilation scanning. You can select the jar or class files that need to be decompiled when creating a new task, or you can decompile and read the code of a single class or jar file during the auditing process. @@ -15,7 +15,7 @@ * Note: The scanning process will not upload any form of code data to the server. Please use it with confidence. ### III. Installation and Use of the Tool -* Download and Installation: Visit the official website of the "Shovel", and select the appropriate installation package according to your operating system for downloading and installation. +* Download and Installation: Visit the official website of the "chanzi", and select the appropriate installation package according to your operating system for downloading and installation. * Environment Configuration: It has a built-in Java running environment and can be installed with one click without the need for configuration. * Starting the Scan: After starting the program, click "New Task". * Viewing the Results: You can view them in the vulnerability window, and sort, filter, mark, etc. the vulnerabilities as needed.