Update README.md

Merge pull request #95 from chainreactors/dev
2025-05-29 09:40:59 +00:00 · 2025-04-10 19:30:21 +08:00 · 2025-03-04 15:10:37 +08:00 · 2025-03-04 15:06:24 +08:00 · 2025-03-04 14:58:28 +08:00 · 2025-03-04 14:56:48 +08:00
7 changed files with 33 additions and 21 deletions
--- a/README.md
+++ b/README.md
@ -1,5 +1,10 @@
 # SPRAY

+blog posts:
+
+- https://chainreactors.github.io/wiki/blog/2024/07/24/fingers-introduce/
+- https://chainreactors.github.io/wiki/blog/2024/08/25/spray-best-practices/
+
 ![](https://socialify.git.ci/chainreactors/spray/image?description=1&font=Inter&forks=1&issues=1&language=1&name=1&owner=1&pattern=Circuit%20Board&pulls=1&stargazers=1&theme=Light)

 <p align="center">
@ -11,6 +16,8 @@

 ## Features

+**最好用最智能最可控的目录爆破工具**
+
 * 超强的性能, 在本地测试极限性能的场景下, 能超过ffuf与feroxbruster的性能50%以上. 实际情况受到网络的影响, 感受没有这么明确. 但在多目标下可以感受到明显的区别.
 * 基于掩码的字典生成
 * 基于规则的字典生成
@ -125,4 +132,4 @@ go build .
 * [fuzzuli](https://github.com/musana/fuzzuli) 提供了一个备份文件字典生成思路
 * [fingerprinthub](https://github.com/0x727/FingerprintHub) 作为指纹库的补充
 * [wappalyzer](https://github.com/projectdiscovery/wappalyzergo) 作为指纹库补充
-* [dirsearch](https://github.com/maurosoria/dirsearch) 提供了默认字典
+* [dirsearch](https://github.com/maurosoria/dirsearch) 提供了默认字典
--- a/core/ihttp/request.go
+++ b/core/ihttp/request.go
@ -31,26 +31,18 @@ type Request struct {
 	ClientType      int
 }

-func (r *Request) SetHeaders(header map[string]string, RandomUA bool) {
-	if header["User-Agent"] == "" {
-		if RandomUA {
-			header["User-Agent"] = pkg.RandomUA()
-		} else {
-			header["User-Agent"] = pkg.DefaultUserAgent
-		}
-	}
-
-	if header["Accept"] == "" {
-		header["Accept"] = "*/*"
+func (r *Request) SetHeaders(header http.Header, RandomUA bool) {
+	if RandomUA {
+		r.SetHeader("User-Agent", pkg.RandomUA())
 	}

 	if r.StandardRequest != nil {
-		for k, v := range header {
-			r.StandardRequest.Header.Set(k, v)
-		}
+		r.StandardRequest.Header = header
 	} else if r.FastRequest != nil {
 		for k, v := range header {
-			r.FastRequest.Header.Set(k, v)
+			for _, i := range v {
+				r.FastRequest.Header.Set(k, i)
+			}
 		}
 	}
 }
--- a/core/option.go
+++ b/core/option.go
@ -99,7 +99,7 @@ type OutputOptions struct {

 type RequestOptions struct {
 	Method          string   `short:"X" long:"method" default:"GET" description:"String, request method, e.g.: --method POST" config:"method"`
-	Headers         []string `long:"header" description:"Strings, custom headers, e.g.: --header 'Auth: example_auth'" config:"headers"`
+	Headers         []string `short:"H" long:"header" description:"Strings, custom headers, e.g.: --header 'Auth: example_auth'" config:"headers"`
 	UserAgent       string   `long:"user-agent" description:"String, custom user-agent, e.g.: --user-agent Custom" config:"useragent"`
 	RandomUserAgent bool     `long:"random-agent" description:"Bool, use random with default user-agent" config:"random-useragent"`
 	Cookie          []string `long:"cookie" description:"Strings, custom cookie" config:"cookies"`
--- a/core/pool/brutepool.go
+++ b/core/pool/brutepool.go
@ -394,7 +394,6 @@ func (pool *BrutePool) NoScopeInvoke(v interface{}) {
 		return
 	}
 	req.SetHeaders(pool.Headers, pool.RandomUserAgent)
-	req.SetHeader("User-Agent", pkg.RandomUA())
 	resp, reqerr := pool.client.Do(req)
 	if pool.ClientType == ihttp.FAST {
 		defer fasthttp.ReleaseResponse(resp.FastResponse)
--- a/core/pool/checkpool.go
+++ b/core/pool/checkpool.go
@ -36,7 +36,7 @@ func NewCheckPool(ctx context.Context, config *Config) (*CheckPool, error) {
 			processCh:  make(chan *baseline.Baseline, config.Thread),
 		},
 	}
-	pool.Headers = map[string]string{"Connection": "close"}
+	pool.Headers.Set("Connection", "close")
 	p, _ := ants.NewPoolWithFunc(config.Thread, pool.Invoke)

 	pool.Pool = p
--- a/core/pool/config.go
+++ b/core/pool/config.go
@ -7,6 +7,7 @@ import (
 	"github.com/chainreactors/words"
 	"github.com/chainreactors/words/rule"
 	"github.com/expr-lang/expr/vm"
+	"net/http"
 	"sync"
 	"time"
 )
@ -27,7 +28,7 @@ type Config struct {
 	BreakThreshold    int32
 	Method            string
 	Mod               SprayMod
-	Headers           map[string]string
+	Headers           http.Header
 	ClientType        int
 	MatchExpr         *vm.Program
 	FilterExpr        *vm.Program
--- a/core/runner.go
+++ b/core/runner.go
@ -15,6 +15,7 @@ import (
 	"github.com/panjf2000/ants/v2"
 	"github.com/vbauerster/mpb/v8"
 	"github.com/vbauerster/mpb/v8/decor"
+	"net/http"
 	"strings"
 	"sync"
 	"time"
@ -67,7 +68,7 @@ func (r *Runner) PrepareConfig() *pool.Config {
 		Thread:         r.Threads,
 		Timeout:        time.Duration(r.Timeout) * time.Second,
 		RateLimit:      r.RateLimit,
-		Headers:        r.Headers,
+		Headers:        make(http.Header),
 		Method:         r.Method,
 		Mod:            pool.ModMap[r.Mod],
 		OutputCh:       r.outputCh,
@ -109,6 +110,18 @@ func (r *Runner) PrepareConfig() *pool.Config {
 		}
 	}

+	for k, v := range r.Headers {
+		config.Headers.Set(k, v)
+	}
+
+	if config.Headers.Get("User-Agent") == "" {
+		config.Headers.Set("User-Agent", pkg.DefaultUserAgent)
+	}
+
+	if config.Headers.Get("Accept") == "" {
+		config.Headers.Set("Accept", "*/*")
+	}
+
 	return config
 }
Author	SHA1	Message	Date
M09Ic	fb63ed010c	Update README.md	2025-04-10 19:30:21 +08:00
M09Ic	0d700f8ea0	Update README.md	2025-03-04 15:10:37 +08:00
M09Ic	c82f0564f5	Merge pull request #95 from chainreactors/dev merge v1.2.1	2025-03-04 15:06:24 +08:00
M09Ic	08ce95b43d	fix: check pool net set headers	2025-03-04 14:58:28 +08:00
M09Ic	c746c26ff9	fix: brute init not set header, https://github.com/chainreactors/spray/issues/94	2025-03-04 14:56:48 +08:00
M09Ic	b13903ea98	fix: map panic, https://github.com/chainreactors/spray/issues/93	2025-03-04 14:45:31 +08:00
M09Ic	e951b68e75	Merge pull request #92 from chainreactors/dev fix: adapt template yaml	2025-02-23 00:08:33 +08:00
M09Ic	72720a942d	Merge pull request #91 from chainreactors/dev merge v1.2.0	2025-02-22 21:14:47 +08:00
M09Ic	7621514bd9	Merge pull request #79 from chainreactors/dev merge v1.1.6	2024-11-01 13:54:13 +08:00
M09Ic	2a68d0b49b	Merge pull request #76 from chainreactors/dev merge v1.1.3	2024-09-28 10:58:07 +08:00
M09Ic	2f28b0ec3c	Merge pull request #74 from chainreactors/dev merge v1.1.2	2024-09-10 18:03:59 +08:00
M09Ic	2e8a923bac	Merge pull request #67 from chainreactors/dev merge v1.1.1	2024-08-29 14:38:18 +08:00
M09Ic	f6037d7a1e	Merge pull request #65 from chainreactors/dev merge v1.1.0	2024-08-27 14:30:40 +08:00
M09Ic	bf6d1c5f0b	Merge pull request #57 from chainreactors/dev merge v1.0.2	2024-08-20 16:53:55 +08:00
M09Ic	8bf4b374ac	Merge pull request #54 from chainreactors/dev merge v1.0.1	2024-08-06 16:53:00 +08:00
M09Ic	3791b765ea	Merge pull request #52 from chainreactors/dev merge v1.0.0	2024-07-29 17:08:42 +08:00
M09Ic	bb98110292	Merge pull request #45 from chainreactors/dev rm same status with random baseline filter	2024-07-04 15:40:23 +08:00
M09Ic	0d4a3652ce	Merge pull request #41 from chainreactors/dev merge v0.9.8	2024-06-24 14:40:36 +08:00
M09Ic	c4d4efe6b7	Merge pull request #27 from chainreactors/dev merge v0.9.5	2024-03-04 20:05:57 +08:00
M09Ic	4e28fb59b4	Merge pull request #26 from chainreactors/dev merge v0.9.4	2024-02-20 19:17:56 +08:00
M09Ic	be19895446	Merge pull request #24 from chainreactors/dev merge v0.9.3	2024-02-12 17:06:42 +08:00
M09Ic	63b39cead1	Merge pull request #9 from chainreactors/dev merge v0.9.1	2023-06-12 10:46:24 +08:00
M09Ic	c5bbe36289	Merge pull request #5 from chainreactors/issue4 fix. url list file parse bug	2023-06-06 20:34:51 +08:00
M09Ic	1eddc5fcd3	fix. url list file parse bug	2023-06-03 22:33:38 +08:00