Version: 3.3.4 Update

Update 问题反馈.md
Version: 3.3.3 Update
2024-10-14 16:35:20 +08:00 · 2024-09-23 00:05:40 +08:00 · 2024-09-19 17:45:47 +08:00 · 2024-09-19 17:11:55 +08:00 · 2024-09-19 17:08:46 +08:00 · 2024-08-28 16:19:24 +08:00
20 changed files with 634 additions and 486 deletions
--- a/.github/ISSUE_TEMPLATE/问题反馈.md
+++ b/.github/ISSUE_TEMPLATE/问题反馈.md
@@ -14,7 +14,9 @@ HaE 版本：
 有无自定义规则：
 BurpSuite 版本：
 操作系统版本：
-有无仔细阅读README：
+是否阅读README：
 是否知晓注意事项：
 是否查阅历史ISSUE：
 ```
 ## 问题详情
--- a/README.md
+++ b/README.md
@@ -12,6 +12,15 @@
 > 随着现代化Web应用采用前后端分离的开发模式，日常漏洞挖掘的过程中，捕获的HTTP请求流量也相应增加。若想全面评估一个Web应用，会花费大量时间在无用的报文上。**HaE的出现旨在解决这类情况**，借助HaE，您能够**有效减少**测试时间，将更多精力集中在**有价值且有意义**的报文上，从而**提高漏洞挖掘效率**。
 GitHub项目地址：https://github.com/gh0stkey/HaE
 GitCode项目地址：https://gitcode.com/gh0stkey/HaE
 **所获荣誉**:
 1. [入选2022年KCon兵器谱](https://mp.weixin.qq.com/s/JohMsl1WD29LHCHuLf8mVQ)
 2. [入选GitCode G-Star项目](https://gitcode.com/gh0stkey/HaE)
 **注意事项**:
 1. HaE 3.3版本开启了AI+新功能，该功能目前仅支持阿里的`Qwen-Long`模型（支持超长文本）和月之暗面的`moonshot-v1-128k`模型（支持短文本），请配置和使用时注意。
--- a/build.gradle
+++ b/build.gradle
@@ -22,6 +22,8 @@ dependencies {
    implementation 'org.yaml:snakeyaml:2.0'
    implementation 'dk.brics.automaton:automaton:1.11-8'
    implementation 'com.github.ben-manes.caffeine:caffeine:3.1.8'
    implementation 'com.google.code.gson:gson:2.11.0'
    implementation 'com.squareup.okhttp3:okhttp:4.12.0'
 }
 test {
--- a/images/databoard.png
+++ b/images/databoard.png
--- a/images/markinfo.png
+++ b/images/markinfo.png
--- a/src/main/java/hae/Config.java
+++ b/src/main/java/hae/Config.java
@@ -10,6 +10,12 @@ public class Config {
    public static String host = "gh0st.cn";
    public static String status = "404";
    public static String size = "0";
    public static String boundary = "\n\t\n";
    public static String[] scope = new String[]{
            "any",
            "any header",
--- a/src/main/java/hae/HaE.java
+++ b/src/main/java/hae/HaE.java
@@ -18,7 +18,7 @@ public class HaE implements BurpExtension {
    @Override
    public void initialize(MontoyaApi api) {
        // 设置扩展名称
-        String version = "3.3";
+        String version = "3.3.4";
        api.extension().setName(String.format("HaE (%s) - Highlighter and Extractor", version));
        // 加载扩展后输出的项目信息
@@ -30,7 +30,7 @@ public class HaE implements BurpExtension {
        // 配置文件加载
        ConfigLoader configLoader = new ConfigLoader(api);
-        MessageTableModel messageTableModel = new MessageTableModel(api);
+        MessageTableModel messageTableModel = new MessageTableModel(api, configLoader);
        // 注册Tab页（用于查询数据）
        api.userInterface().registerSuiteTab("HaE", new Main(api, configLoader, messageTableModel));
--- a/src/main/java/hae/component/config/Config.java
+++ b/src/main/java/hae/component/config/Config.java
@@ -1,4 +1,4 @@
-package hae.component.config;
+package hae.component;
 import burp.api.montoya.MontoyaApi;
 import hae.component.rule.Rules;
@@ -27,24 +27,23 @@ public class Config extends JPanel {
    private final MontoyaApi api;
    private final ConfigLoader configLoader;
    private final Rules rules;
    private JTextField addTextField;
    private final String defaultText = "Enter a new item";
    private final GridBagConstraints constraints = new GridBagConstraints();
    public Config(MontoyaApi api, ConfigLoader configLoader, Rules rules) {
        this.api = api;
        this.configLoader = configLoader;
        this.rules = rules;
        constraints.weightx = 1.0;
        constraints.fill = GridBagConstraints.HORIZONTAL;
        initComponents();
    }
    private void initComponents() {
        setLayout(new BorderLayout());
        GridBagConstraints constraints = new GridBagConstraints();
        constraints.weightx = 1.0;
        constraints.fill = GridBagConstraints.HORIZONTAL;
        JPanel ruleInfoPanel = new JPanel(new GridBagLayout());
        ruleInfoPanel.setBorder(new EmptyBorder(10, 15, 5, 15));
@@ -67,7 +66,7 @@ public class Config extends JPanel {
        constraints.gridx = 1;
        JTabbedPane configTabbedPanel = new JTabbedPane();
-        String[] settingMode = new String[]{"Exclude suffix", "Block host"};
+        String[] settingMode = new String[]{"Exclude suffix", "Block host", "Exclude status", "Limit size (MB)"};
        JPanel settingPanel = createConfigTablePanel(settingMode, "Setting");
        JPanel scopePanel = getScopePanel();
        JScrollPane scopeScrollPane = new JScrollPane(scopePanel);
@@ -148,6 +147,19 @@ public class Config extends JPanel {
                        configLoader.setBlockHost(values);
                    }
                }
                if (selected.equals("Exclude status")) {
                    if (!values.equals(configLoader.getExcludeStatus()) && !values.isEmpty()) {
                        configLoader.setExcludeStatus(values);
                    }
                }
                if (selected.contains("Limit size")) {
                    if (!values.equals(configLoader.getExcludeStatus()) && !values.isEmpty()) {
                        String[] limit = values.split("\\|");
                        configLoader.setLimitSize(limit[limit.length - 1]);
                    }
                }
            }
        };
    }
@@ -166,6 +178,14 @@ public class Config extends JPanel {
                if (selected.equals("Block host")) {
                    addDataToTable(configLoader.getBlockHost().replaceAll("\\|", "\r\n"), model);
                }
                if (selected.equals("Exclude status")) {
                    addDataToTable(configLoader.getExcludeStatus().replaceAll("\\|", "\r\n"), model);
                }
                if (selected.contains("Limit size")) {
                    addDataToTable(configLoader.getLimitSize(), model);
                }
            }
        };
    }
@@ -211,6 +231,10 @@ public class Config extends JPanel {
    }
    private JPanel createConfigTablePanel(String[] mode, String type) {
        GridBagConstraints constraints = new GridBagConstraints();
        constraints.weightx = 1.0;
        constraints.fill = GridBagConstraints.HORIZONTAL;
        JPanel settingPanel = new JPanel(new BorderLayout());
        DefaultTableModel model = new DefaultTableModel();
@@ -255,7 +279,7 @@ public class Config extends JPanel {
        constraints.gridy = 4;
        buttonPanel.add(clearButton, constraints);
-        addTextField = new JTextField();
+        JTextField addTextField = new JTextField();
        UIEnhancer.setTextFieldPlaceholder(addTextField, defaultText);
        inputPanelB.add(addTextField, BorderLayout.CENTER);
@@ -266,13 +290,13 @@ public class Config extends JPanel {
        settingPanel.add(inputPanel, BorderLayout.CENTER);
-        addButton.addActionListener(e -> addActionPerformed(e, model));
+        addButton.addActionListener(e -> addActionPerformed(e, model, addTextField, setTypeComboBox.getSelectedItem().toString()));
        addTextField.addKeyListener(new KeyAdapter() {
            @Override
            public void keyPressed(KeyEvent e) {
                if (e.getKeyCode() == KeyEvent.VK_ENTER) {
-                    addActionPerformed(null, model);
+                    addActionPerformed(null, model, addTextField, setTypeComboBox.getSelectedItem().toString());
                }
            }
        });
@@ -281,7 +305,9 @@ public class Config extends JPanel {
            Clipboard clipboard = Toolkit.getDefaultToolkit().getSystemClipboard();
            try {
                String data = (String) clipboard.getData(DataFlavor.stringFlavor);
-
+                if (setTypeComboBox.getSelectedItem().toString().contains("Limit size")) {
                    model.setRowCount(0);
                }
                if (data != null && !data.isEmpty()) {
                    addDataToTable(data, model);
                }
@@ -372,14 +398,17 @@ public class Config extends JPanel {
        configLoader.setScope(String.join("|", HaEScope));
    }
-    private void addActionPerformed(ActionEvent e, DefaultTableModel model) {
+    private void addActionPerformed(ActionEvent e, DefaultTableModel model, JTextField addTextField, String comboBoxSelected) {
        String addTextFieldText = addTextField.getText();
-        if (!addTextFieldText.equals(defaultText)) {
+        if (addTextField.getForeground().equals(Color.BLACK)) {
-            addDataToTable(addTextFieldText, model);
+            if (comboBoxSelected.contains("Limit size")) {
                model.setRowCount(0);
            }
            addDataToTable(addTextFieldText, model);
            addTextField.setText("");
            addTextField.requestFocusInWindow();
        }
    }
    private void onlineUpdateActionPerformed(ActionEvent e) {
        // 添加提示框防止用户误触导致配置更新
--- a/src/main/java/hae/component/Main.java
+++ b/src/main/java/hae/component/Main.java
@@ -3,7 +3,6 @@ package hae.component;
 import burp.api.montoya.MontoyaApi;
 import hae.component.board.Databoard;
 import hae.component.board.message.MessageTableModel;
 import hae.component.config.Config;
 import hae.component.rule.Rules;
 import hae.utils.ConfigLoader;
--- a/src/main/java/hae/component/board/Databoard.java
+++ b/src/main/java/hae/component/board/Databoard.java
@@ -8,14 +8,17 @@ import hae.component.board.message.MessageTableModel.MessageTable;
 import hae.component.board.table.Datatable;
 import hae.instances.http.utils.RegularMatcher;
 import hae.utils.ConfigLoader;
 import hae.utils.UIEnhancer;
 import hae.utils.project.ProjectProcessor;
 import hae.utils.project.model.HaeFileContent;
 import hae.utils.string.StringProcessor;
 import javax.swing.*;
 import javax.swing.border.TitledBorder;
 import javax.swing.event.DocumentEvent;
 import javax.swing.event.DocumentListener;
 import javax.swing.filechooser.FileNameExtensionFilter;
 import javax.swing.table.DefaultTableModel;
 import javax.swing.table.TableColumnModel;
 import javax.swing.table.TableModel;
 import javax.swing.table.TableRowSorter;
@@ -49,8 +52,10 @@ public class Databoard extends JPanel {
    private SwingWorker<Map<String, List<String>>, Void> handleComboBoxWorker;
    private SwingWorker<Void, Void> applyHostFilterWorker;
-    private SwingWorker<List<String>, Void> exportActionWorker;
+    private SwingWorker<List<Object[]>, Void> exportActionWorker;
-    private SwingWorker<List<String>, Void> importActionWorker;
+    private SwingWorker<List<Object[]>, Void> importActionWorker;
    private final String defaultText = "Please enter the host";
    public Databoard(MontoyaApi api, ConfigLoader configLoader, MessageTableModel messageTableModel) {
        this.api = api;
@@ -83,6 +88,7 @@ public class Databoard extends JPanel {
        menu.add(menuPanel);
        hostTextField = new JTextField();
        UIEnhancer.setTextFieldPlaceholder(hostTextField, defaultText);
        splitPane = new JSplitPane(JSplitPane.HORIZONTAL_SPLIT);
        dataTabbedPane = new JTabbedPane(JTabbedPane.TOP);
@@ -193,11 +199,11 @@ public class Databoard extends JPanel {
    private void handleComboBoxAction(ActionEvent e) {
        if (!isMatchHost && hostComboBox.getSelectedItem() != null) {
            progressBar.setVisible(true);
            setProgressBar(true);
            String selectedHost = hostComboBox.getSelectedItem().toString();
            if (getHostByList().contains(selectedHost)) {
                progressBar.setVisible(true);
                setProgressBar(true);
                hostTextField.setText(selectedHost);
                if (handleComboBoxWorker != null && !handleComboBoxWorker.isDone()) {
@@ -385,9 +391,9 @@ public class Databoard extends JPanel {
            exportActionWorker.cancel(true);
        }
-        exportActionWorker = new SwingWorker<List<String>, Void>() {
+        exportActionWorker = new SwingWorker<List<Object[]>, Void>() {
            @Override
-            protected List<String> doInBackground() {
+            protected List<Object[]> doInBackground() {
                ConcurrentHashMap<String, Map<String, List<String>>> dataMap = Config.globalDataMap;
                return exportData(selectedHost, exportDir, dataMap);
            }
@@ -395,11 +401,9 @@ public class Databoard extends JPanel {
            @Override
            protected void done() {
                try {
-                    List<String> taskStatusList = get();
+                    List<Object[]> taskStatusList = get();
                    if (!taskStatusList.isEmpty()) {
-                        String exportStatusMessage = String.format("Exported File List Status:\n%s", String.join("\n", taskStatusList));
+                        JOptionPane.showMessageDialog(Databoard.this, generateTaskStatusPane(taskStatusList), "Info", JOptionPane.INFORMATION_MESSAGE);
                        JOptionPane.showMessageDialog(Databoard.this, generateTaskStatusPane(exportStatusMessage), "Info", JOptionPane.INFORMATION_MESSAGE);
                    }
                } catch (Exception ignored) {
                }
@@ -409,17 +413,36 @@ public class Databoard extends JPanel {
        exportActionWorker.execute();
    }
-    private JScrollPane generateTaskStatusPane(String message) {
+    private JScrollPane generateTaskStatusPane(List<Object[]> dataList) {
-        JTextArea textArea = new JTextArea(message);
+        String[] columnNames = {"#", "Filename", "Status"};
-        textArea.setEditable(false);
+        DefaultTableModel taskStatusTableModel = new DefaultTableModel(columnNames, 0);
-        textArea.setLineWrap(true);
+        JTable taskStatusTable = new JTable(taskStatusTableModel);
-        JScrollPane scrollPane = new JScrollPane(textArea);
+
-        scrollPane.setPreferredSize(new Dimension(400, 200));
+        for (Object[] data : dataList) {
            int rowCount = taskStatusTableModel.getRowCount();
            int id = rowCount > 0 ? (Integer) taskStatusTableModel.getValueAt(rowCount - 1, 0) + 1 : 1;
            Object[] rowData = new Object[data.length + 1];
            rowData[0] = id;
            System.arraycopy(data, 0, rowData, 1, data.length);
            taskStatusTableModel.addRow(rowData);
        }
        TableRowSorter<DefaultTableModel> sorter = new TableRowSorter<>(taskStatusTableModel);
        taskStatusTable.setRowSorter(sorter);
        JScrollPane scrollPane = new JScrollPane(taskStatusTable);
        scrollPane.setBorder(new TitledBorder("Task status"));
        scrollPane.setPreferredSize(new Dimension(500, 300));
        int paneWidth = scrollPane.getPreferredSize().width;
        taskStatusTable.getColumnModel().getColumn(0).setPreferredWidth((int) (paneWidth * 0.1));
        taskStatusTable.getColumnModel().getColumn(1).setPreferredWidth((int) (paneWidth * 0.7));
        taskStatusTable.getColumnModel().getColumn(2).setPreferredWidth((int) (paneWidth * 0.2));
        return scrollPane;
    }
-    private List<String> exportData(String selectedHost, String exportDir, Map<String, Map<String, List<String>>> dataMap) {
+    private List<Object[]> exportData(String selectedHost, String exportDir, Map<String, Map<String, List<String>>> dataMap) {
        return dataMap.entrySet().stream()
                .filter(entry -> selectedHost.equals("*") || StringProcessor.matchesHostPattern(entry.getKey(), selectedHost))
                .filter(entry -> !entry.getKey().contains("*"))
@@ -428,7 +451,7 @@ public class Databoard extends JPanel {
                .collect(Collectors.toList());
    }
-    private String exportEntry(Map.Entry<String, Map<String, List<String>>> entry, String exportDir) {
+    private Object[] exportEntry(Map.Entry<String, Map<String, List<String>>> entry, String exportDir) {
        String key = entry.getKey();
        Map<String, List<String>> ruleMap = entry.getValue();
@@ -442,7 +465,7 @@ public class Databoard extends JPanel {
                .collect(Collectors.toMap(
                        messageEntry -> messageEntry,
                        messageEntry -> StringProcessor.getRandomUUID(),
-                        (existing, replacement) -> existing // 在冲突时保留现有的映射
+                        (existing, replacement) -> existing
                ));
        Map<String, Map<String, Object>> httpMap = processEntries(
@@ -463,7 +486,7 @@ public class Databoard extends JPanel {
        String filename = String.format("%s/%s-%s.hae", exportDir, StringProcessor.getCurrentTime(), hostName);
        boolean createdStatus = projectProcessor.createHaeFile(filename, key, ruleMap, urlMap, httpMap);
-        return String.format("Filename: %s, Status: %s", filename, createdStatus);
+        return new Object[]{filename, createdStatus};
    }
@@ -507,9 +530,9 @@ public class Databoard extends JPanel {
            importActionWorker.cancel(true);
        }
-        importActionWorker = new SwingWorker<List<String>, Void>() {
+        importActionWorker = new SwingWorker<List<Object[]>, Void>() {
            @Override
-            protected List<String> doInBackground() {
+            protected List<Object[]> doInBackground() {
                List<String> filesWithExtension = findFilesWithExtension(new File(exportDir), ".hae");
                return filesWithExtension.stream()
                        .map(Databoard.this::importData)
@@ -519,10 +542,9 @@ public class Databoard extends JPanel {
            @Override
            protected void done() {
                try {
-                    List<String> taskStatusList = get();
+                    List<Object[]> taskStatusList = get();
                    if (!taskStatusList.isEmpty()) {
-                        String importStatusMessage = "Imported File List Status:\n" + String.join("\n", taskStatusList);
+                        JOptionPane.showMessageDialog(Databoard.this, generateTaskStatusPane(taskStatusList), "Info", JOptionPane.INFORMATION_MESSAGE);
                        JOptionPane.showMessageDialog(Databoard.this, generateTaskStatusPane(importStatusMessage), "Info", JOptionPane.INFORMATION_MESSAGE);
                    }
                } catch (Exception ignored) {
                }
@@ -532,7 +554,7 @@ public class Databoard extends JPanel {
        importActionWorker.execute();
    }
-    private String importData(String filename) {
+    private Object[] importData(String filename) {
        ExecutorService executor = Executors.newFixedThreadPool(Runtime.getRuntime().availableProcessors() * 2);
        HaeFileContent haeFileContent = projectProcessor.readHaeFile(filename);
@@ -568,7 +590,7 @@ public class Databoard extends JPanel {
            }
        }
-        return String.format("Filename: %s, Status: %s", filename, readStatus);
+        return new Object[]{filename, readStatus};
    }
    private List<String> findFilesWithExtension(File directory, String extension) {
@@ -648,6 +670,8 @@ public class Databoard extends JPanel {
            }
            messageTableModel.deleteByHost(host);
            hostTextField.setText("");
        }
    }
 }
--- a/src/main/java/hae/component/board/message/MessageTableModel.java
+++ b/src/main/java/hae/component/board/message/MessageTableModel.java
@@ -1,7 +1,6 @@
 package hae.component.board.message;
 import burp.api.montoya.MontoyaApi;
 import burp.api.montoya.core.ByteArray;
 import burp.api.montoya.http.message.HttpHeader;
 import burp.api.montoya.http.message.HttpRequestResponse;
 import burp.api.montoya.http.message.requests.HttpRequest;
@@ -11,6 +10,7 @@ import burp.api.montoya.ui.editor.HttpRequestEditor;
 import burp.api.montoya.ui.editor.HttpResponseEditor;
 import hae.Config;
 import hae.cache.CachePool;
 import hae.utils.ConfigLoader;
 import hae.utils.project.FileProcessor;
 import hae.utils.string.HashCalculator;
 import hae.utils.string.StringProcessor;
@@ -23,6 +23,8 @@ import javax.swing.table.TableRowSorter;
 import java.nio.charset.StandardCharsets;
 import java.text.MessageFormat;
 import java.util.*;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
 import java.util.concurrent.atomic.AtomicBoolean;
 import java.util.stream.Collectors;
@@ -30,15 +32,17 @@ import static burp.api.montoya.ui.editor.EditorOptions.READ_ONLY;
 public class MessageTableModel extends AbstractTableModel {
    private final MontoyaApi api;
    private final ConfigLoader configLoader;
    private final MessageTable messageTable;
    private final JSplitPane splitPane;
    private final LinkedList<MessageEntry> log = new LinkedList<>();
    private final LinkedList<MessageEntry> filteredLog;
    private SwingWorker<Void, Void> currentWorker;
-    public MessageTableModel(MontoyaApi api) {
+    public MessageTableModel(MontoyaApi api, ConfigLoader configLoader) {
        this.filteredLog = new LinkedList<>();
        this.api = api;
        this.configLoader = configLoader;
        JTabbedPane messageTab = new JTabbedPane();
        UserInterface userInterface = api.userInterface();
@@ -435,7 +439,7 @@ public class MessageTableModel extends AbstractTableModel {
    public class MessageTable extends JTable {
        private MessageEntry messageEntry;
-        private SwingWorker<Object, Void> currentWorker;
+        private final ExecutorService executorService;
        private int lastSelectedIndex = -1;
        private final HttpRequestEditor requestEditor;
        private final HttpResponseEditor responseEditor;
@@ -444,41 +448,31 @@ public class MessageTableModel extends AbstractTableModel {
            super(messageTableModel);
            this.requestEditor = requestEditor;
            this.responseEditor = responseEditor;
            this.executorService = Executors.newSingleThreadExecutor();
        }
        @Override
        public void changeSelection(int row, int col, boolean toggle, boolean extend) {
            super.changeSelection(row, col, toggle, extend);
            requestEditor.setRequest(HttpRequest.httpRequest("Loading..."));
            responseEditor.setResponse(HttpResponse.httpResponse("Loading..."));
            if (currentWorker != null && !currentWorker.isDone()) {
                currentWorker.cancel(true);
            }
            currentWorker = new SwingWorker<>() {
                @Override
                protected Void doInBackground() {
            int selectedIndex = convertRowIndexToModel(row);
            if (lastSelectedIndex != selectedIndex) {
                lastSelectedIndex = selectedIndex;
-                        messageEntry = filteredLog.get(selectedIndex);
+                executorService.execute(this::getSelectedMessage);
            }
        }
        private void getSelectedMessage() {
            messageEntry = filteredLog.get(lastSelectedIndex);
            HttpRequestResponse httpRequestResponse = messageEntry.getRequestResponse();
-                        ByteArray requestByte = httpRequestResponse.request().toByteArray();
+            requestEditor.setRequest(HttpRequest.httpRequest(messageEntry.getRequestResponse().httpService(), httpRequestResponse.request().toByteArray()));
-                        ByteArray responseByte = httpRequestResponse.response().toByteArray();
+            int responseSizeWithMb = httpRequestResponse.response().toString().length() / 1024 / 1024;
-
+            if ((responseSizeWithMb < Integer.parseInt(configLoader.getLimitSize())) || configLoader.getLimitSize().equals("0")) {
-                        requestEditor.setRequest(HttpRequest.httpRequest(messageEntry.getRequestResponse().httpService(), requestByte));
+                responseEditor.setResponse(httpRequestResponse.response());
-                        responseEditor.setResponse(HttpResponse.httpResponse(responseByte));
+            } else {
-
+                responseEditor.setResponse(HttpResponse.httpResponse("Exceeds length limit."));
            }
                    return null;
                }
            };
            currentWorker.execute();
        }
    }
 }
--- a/src/main/java/hae/component/board/table/AIPower.java
+++ b/src/main/java/hae/component/board/table/AIPower.java
@@ -34,7 +34,7 @@ public class AIPower {
    public AIPower(MontoyaApi api, ConfigLoader configLoader, String aiModel, String aiBaseUrl, String[] apiKey) {
        this.api = api;
        this.configLoader = configLoader;
-        this.httpUtils = new HttpUtils(api);
+        this.httpUtils = new HttpUtils(api, configLoader);
        this.aiModel = aiModel;
        this.aiBaseUrl = aiBaseUrl;
--- a/src/main/java/hae/component/board/table/Datatable.java
+++ b/src/main/java/hae/component/board/table/Datatable.java
@@ -23,6 +23,7 @@ import java.awt.event.ActionEvent;
 import java.awt.event.MouseAdapter;
 import java.awt.event.MouseEvent;
 import java.lang.reflect.Type;
 import java.util.ArrayList;
 import java.util.Comparator;
 import java.util.List;
 import java.util.Map;
@@ -34,6 +35,7 @@ public class Datatable extends JPanel {
    private final JTable dataTable;
    private final DefaultTableModel dataTableModel;
    private final JTextField searchField;
    private final JTextField secondSearchField;
    private final TableRowSorter<DefaultTableModel> sorter;
    private final JCheckBox searchMode = new JCheckBox("Reverse search");
    private final String tabName;
@@ -52,7 +54,8 @@ public class Datatable extends JPanel {
        this.dataTable = new JTable(dataTableModel);
        this.sorter = new TableRowSorter<>(dataTableModel);
-        this.searchField = new JTextField();
+        this.searchField = new JTextField(10);
        this.secondSearchField = new JTextField(10);
        this.aiEmpoweredMenu = new JPopupMenu();
        this.footerPanel = new JPanel(new BorderLayout(0, 5));
@@ -70,21 +73,13 @@ public class Datatable extends JPanel {
            }
        });
        dataTable.setRowSorter(sorter);
        TableColumn idColumn = dataTable.getColumnModel().getColumn(0);
        idColumn.setMaxWidth(50);
        for (String item : dataList) {
            if (!item.isEmpty()) {
                addRowToTable(new Object[]{item});
            }
        }
-        // 设置灰色默认文本
+        UIEnhancer.setTextFieldPlaceholder(searchField, "Search");
        String searchText = "Search";
        UIEnhancer.setTextFieldPlaceholder(searchField, searchText);
        // 监听输入框内容输入、更新、删除
        searchField.getDocument().addDocumentListener(new DocumentListener() {
            @Override
            public void insertUpdate(DocumentEvent e) {
@@ -103,10 +98,34 @@ public class Datatable extends JPanel {
        });
        UIEnhancer.setTextFieldPlaceholder(secondSearchField, "Second search");
        secondSearchField.getDocument().addDocumentListener(new DocumentListener() {
            @Override
            public void insertUpdate(DocumentEvent e) {
                performSearch();
            }
            @Override
            public void removeUpdate(DocumentEvent e) {
                performSearch();
            }
            @Override
            public void changedUpdate(DocumentEvent e) {
                performSearch();
            }
        });
        // 设置布局
        JScrollPane scrollPane = new JScrollPane(dataTable);
        scrollPane.setVerticalScrollBarPolicy(ScrollPaneConstants.VERTICAL_SCROLLBAR_ALWAYS);
        dataTable.setRowSorter(sorter);
        TableColumn idColumn = dataTable.getColumnModel().getColumn(0);
        idColumn.setPreferredWidth(50);
        idColumn.setMaxWidth(100);
        setLayout(new BorderLayout(0, 5));
        JPanel optionsPanel = new JPanel();
@@ -162,6 +181,8 @@ public class Datatable extends JPanel {
        optionsPanel.add(Box.createHorizontalStrut(5));
        optionsPanel.add(searchField);
        optionsPanel.add(Box.createHorizontalStrut(5));
        optionsPanel.add(secondSearchField);
        optionsPanel.add(Box.createHorizontalStrut(5));
        optionsPanel.add(aiEmpoweredButton);
        footerPanel.setBorder(BorderFactory.createEmptyBorder(2, 3, 5, 3));
@@ -252,8 +273,21 @@ public class Datatable extends JPanel {
    }
    private void performSearch() {
        RowFilter<Object, Object> firstRowFilter = applyFirstSearchFilter();
        RowFilter<Object, Object> secondRowFilter = applySecondFilter();
        if (searchField.getForeground().equals(Color.BLACK)) {
-            RowFilter<Object, Object> rowFilter = new RowFilter<Object, Object>() {
+            sorter.setRowFilter(firstRowFilter);
            if (secondSearchField.getForeground().equals(Color.BLACK)) {
                List<RowFilter<Object, Object>> filters = new ArrayList<>();
                filters.add(firstRowFilter);
                filters.add(secondRowFilter);
                sorter.setRowFilter(RowFilter.andFilter(filters));
            }
        }
    }
    private RowFilter<Object, Object> applyFirstSearchFilter() {
        return new RowFilter<Object, Object>() {
            public boolean include(Entry<?, ?> entry) {
                String searchFieldTextText = searchField.getText();
                Pattern pattern = null;
@@ -271,8 +305,27 @@ public class Datatable extends JPanel {
                }
            }
        };
            sorter.setRowFilter(rowFilter);
    }
    private RowFilter<Object, Object> applySecondFilter() {
        return new RowFilter<Object, Object>() {
            public boolean include(Entry<?, ?> entry) {
                String searchFieldTextText = secondSearchField.getText();
                Pattern pattern = null;
                try {
                    pattern = Pattern.compile(searchFieldTextText, Pattern.CASE_INSENSITIVE);
                } catch (Exception ignored) {
                }
                String entryValue = ((String) entry.getValue(1)).toLowerCase();
                searchFieldTextText = searchFieldTextText.toLowerCase();
                if (pattern != null) {
                    return searchFieldTextText.isEmpty() || pattern.matcher(entryValue).find();
                } else {
                    return searchFieldTextText.isEmpty() || entryValue.contains(searchFieldTextText);
                }
            }
        };
    }
    public void setTableListener(MessageTableModel messagePanel) {
--- a/src/main/java/hae/instances/editor/RequestEditor.java
+++ b/src/main/java/hae/instances/editor/RequestEditor.java
@@ -9,9 +9,11 @@ import burp.api.montoya.ui.Selection;
 import burp.api.montoya.ui.editor.extension.EditorCreationContext;
 import burp.api.montoya.ui.editor.extension.ExtensionProvidedHttpRequestEditor;
 import burp.api.montoya.ui.editor.extension.HttpRequestEditorProvider;
 import hae.Config;
 import hae.component.board.table.Datatable;
 import hae.instances.http.utils.MessageProcessor;
 import hae.utils.ConfigLoader;
 import hae.utils.http.HttpUtils;
 import hae.utils.string.StringProcessor;
 import javax.swing.*;
@@ -37,6 +39,7 @@ public class RequestEditor implements HttpRequestEditorProvider {
    private static class Editor implements ExtensionProvidedHttpRequestEditor {
        private final MontoyaApi api;
        private final ConfigLoader configLoader;
        private final HttpUtils httpUtils;
        private final EditorCreationContext creationContext;
        private final MessageProcessor messageProcessor;
        private HttpRequestResponse requestResponse;
@@ -47,6 +50,7 @@ public class RequestEditor implements HttpRequestEditorProvider {
        public Editor(MontoyaApi api, ConfigLoader configLoader, EditorCreationContext creationContext) {
            this.api = api;
            this.configLoader = configLoader;
            this.httpUtils = new HttpUtils(api, configLoader);
            this.creationContext = creationContext;
            this.messageProcessor = new MessageProcessor(api);
        }
@@ -69,16 +73,10 @@ public class RequestEditor implements HttpRequestEditorProvider {
                try {
                    String host = StringProcessor.getHostByUrl(request.url());
                    if (!host.isEmpty()) {
                        String[] hostList = configLoader.getBlockHost().split("\\|");
                        boolean isBlockHost = isBlockHost(hostList, host);
                        List<String> suffixList = Arrays.asList(configLoader.getExcludeSuffix().split("\\|"));
                        String toolType = creationContext.toolSource().toolType().toolName();
-                        boolean isToolScope = configLoader.getScope().contains(toolType);
+                        boolean matches = httpUtils.verifyHttpRequestResponse(requestResponse, toolType);
-                        boolean matches = suffixList.contains(request.fileExtension().toLowerCase()) || isBlockHost || !isToolScope;
+                        if (!matches) {
                        if (!matches && !request.bodyToString().equals("Loading...")) {
                            this.dataList = messageProcessor.processRequest("", request, false);
                            return isListHasData(this.dataList);
                        }
@@ -121,19 +119,6 @@ public class RequestEditor implements HttpRequestEditorProvider {
        }
    }
    public static boolean isBlockHost(String[] hostList, String host) {
        boolean isBlockHost = false;
        for (String hostName : hostList) {
            String cleanedHost = StringProcessor.replaceFirstOccurrence(hostName, "*.", "");
            if (hostName.contains("*.") && StringProcessor.matchFromEnd(host, cleanedHost)) {
                isBlockHost = true;
            } else if (host.equals(hostName) || hostName.equals("*")) {
                isBlockHost = true;
            }
        }
        return isBlockHost;
    }
    public static boolean isListHasData(List<Map<String, String>> dataList) {
        if (dataList != null && !dataList.isEmpty()) {
            Map<String, String> dataMap = dataList.get(0);
@@ -148,7 +133,7 @@ public class RequestEditor implements HttpRequestEditorProvider {
            Map<String, String> dataMap = result.get(0);
            if (dataMap != null && !dataMap.isEmpty()) {
                dataMap.keySet().forEach(i -> {
-                    String[] extractData = dataMap.get(i).split("\n");
+                    String[] extractData = dataMap.get(i).split(Config.boundary);
                    Datatable dataPanel = new Datatable(api, configLoader, i, Arrays.asList(extractData));
                    tabbedPane.addTab(i, dataPanel);
                });
--- a/src/main/java/hae/instances/editor/ResponseEditor.java
+++ b/src/main/java/hae/instances/editor/ResponseEditor.java
@@ -13,11 +13,11 @@ import burp.api.montoya.ui.editor.extension.HttpResponseEditorProvider;
 import hae.component.board.table.Datatable;
 import hae.instances.http.utils.MessageProcessor;
 import hae.utils.ConfigLoader;
 import hae.utils.http.HttpUtils;
 import hae.utils.string.StringProcessor;
 import javax.swing.*;
 import java.awt.*;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Map;
@@ -38,6 +38,7 @@ public class ResponseEditor implements HttpResponseEditorProvider {
    private static class Editor implements ExtensionProvidedHttpResponseEditor {
        private final MontoyaApi api;
        private final ConfigLoader configLoader;
        private final HttpUtils httpUtils;
        private final EditorCreationContext creationContext;
        private final MessageProcessor messageProcessor;
        private HttpRequestResponse requestResponse;
@@ -48,6 +49,7 @@ public class ResponseEditor implements HttpResponseEditorProvider {
        public Editor(MontoyaApi api, ConfigLoader configLoader, EditorCreationContext creationContext) {
            this.api = api;
            this.configLoader = configLoader;
            this.httpUtils = new HttpUtils(api, configLoader);
            this.creationContext = creationContext;
            this.messageProcessor = new MessageProcessor(api);
        }
@@ -75,20 +77,14 @@ public class ResponseEditor implements HttpResponseEditorProvider {
                    try {
                        String host = StringProcessor.getHostByUrl(request.url());
                        if (!host.isEmpty()) {
                            String[] hostList = configLoader.getBlockHost().split("\\|");
                            boolean isBlockHost = RequestEditor.isBlockHost(hostList, host);
                            List<String> suffixList = Arrays.asList(configLoader.getExcludeSuffix().split("\\|"));
                            String toolType = creationContext.toolSource().toolType().toolName();
-                            boolean isToolScope = configLoader.getScope().contains(toolType);
+                            matches = httpUtils.verifyHttpRequestResponse(requestResponse, toolType);
                            matches = suffixList.contains(request.fileExtension().toLowerCase()) || isBlockHost || !isToolScope;
                        }
                    } catch (Exception ignored) {
                    }
                }
-                if (!matches && !response.bodyToString().equals("Loading...")) {
+                if (!matches) {
                    this.dataList = messageProcessor.processResponse("", response, false);
                    return RequestEditor.isListHasData(this.dataList);
                }
--- a/src/main/java/hae/instances/http/HttpMessageHandler.java
+++ b/src/main/java/hae/instances/http/HttpMessageHandler.java
@@ -7,20 +7,20 @@ import burp.api.montoya.http.handler.*;
 import burp.api.montoya.http.message.HttpRequestResponse;
 import burp.api.montoya.http.message.requests.HttpRequest;
 import hae.component.board.message.MessageTableModel;
 import hae.instances.editor.RequestEditor;
 import hae.instances.http.utils.MessageProcessor;
 import hae.utils.ConfigLoader;
 import hae.utils.http.HttpUtils;
 import hae.utils.string.StringProcessor;
 import javax.swing.*;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Map;
 public class HttpMessageHandler implements HttpHandler {
    private final MontoyaApi api;
    private final ConfigLoader configLoader;
    private final HttpUtils httpUtils;
    private final MessageTableModel messageTableModel;
    private final MessageProcessor messageProcessor;
@@ -29,12 +29,11 @@ public class HttpMessageHandler implements HttpHandler {
    private final ThreadLocal<String> host = ThreadLocal.withInitial(() -> "");
    private final ThreadLocal<List<String>> colorList = ThreadLocal.withInitial(ArrayList::new);
    private final ThreadLocal<List<String>> commentList = ThreadLocal.withInitial(ArrayList::new);
    private final ThreadLocal<Boolean> matches = ThreadLocal.withInitial(() -> false);
    private final ThreadLocal<HttpRequest> httpRequest = new ThreadLocal<>();
    public HttpMessageHandler(MontoyaApi api, ConfigLoader configLoader, MessageTableModel messageTableModel) {
        this.api = api;
        this.configLoader = configLoader;
        this.httpUtils = new HttpUtils(api, configLoader);
        this.messageTableModel = messageTableModel;
        this.messageProcessor = new MessageProcessor(api);
    }
@@ -47,22 +46,7 @@ public class HttpMessageHandler implements HttpHandler {
        Annotations annotations = httpRequestToBeSent.annotations();
        try {
            httpRequest.set(httpRequestToBeSent);
            host.set(StringProcessor.getHostByUrl(httpRequestToBeSent.url()));
            String[] hostList = configLoader.getBlockHost().split("\\|");
            boolean isBlockHost = RequestEditor.isBlockHost(hostList, host.get());
            String toolType = httpRequestToBeSent.toolSource().toolType().toolName();
            boolean isToolScope = configLoader.getScope().contains(toolType);
            List<String> suffixList = Arrays.asList(configLoader.getExcludeSuffix().split("\\|"));
            matches.set(suffixList.contains(httpRequestToBeSent.fileExtension().toLowerCase()) || isBlockHost || !isToolScope);
            if (!matches.get()) {
                List<Map<String, String>> result = messageProcessor.processRequest(host.get(), httpRequestToBeSent, true);
                setColorAndCommentList(result);
            }
        } catch (Exception e) {
            api.logging().logToError("handleHttpRequestToBeSent: " + e.getMessage());
        }
@@ -73,10 +57,17 @@ public class HttpMessageHandler implements HttpHandler {
    @Override
    public ResponseReceivedAction handleHttpResponseReceived(HttpResponseReceived httpResponseReceived) {
        Annotations annotations = httpResponseReceived.annotations();
        HttpRequest request = httpResponseReceived.initiatingRequest();
        HttpRequestResponse requestResponse = HttpRequestResponse.httpRequestResponse(request, httpResponseReceived);
        String toolType = httpResponseReceived.toolSource().toolType().toolName();
        boolean matches = httpUtils.verifyHttpRequestResponse(requestResponse, toolType);
        if (!matches) {
            try {
                setColorAndCommentList(messageProcessor.processRequest(host.get(), request, true));
                setColorAndCommentList(messageProcessor.processResponse(host.get(), httpResponseReceived, true));
        if (!matches.get()) {
            List<Map<String, String>> result = messageProcessor.processResponse(host.get(), httpResponseReceived, true);
            setColorAndCommentList(result);
                // 设置高亮颜色和注释
                if (!colorList.get().isEmpty() && !commentList.get().isEmpty()) {
                    String color = messageProcessor.retrieveFinalColor(messageProcessor.retrieveColorIndices(colorList.get()));
@@ -84,11 +75,10 @@ public class HttpMessageHandler implements HttpHandler {
                    String comment = StringProcessor.mergeComment(String.join(", ", commentList.get()));
                    annotations.setNotes(comment);
-                HttpRequestResponse httpRequestResponse = HttpRequestResponse.httpRequestResponse(httpRequest.get(), httpResponseReceived);
+                    HttpRequestResponse httpRequestResponse = HttpRequestResponse.httpRequestResponse(request, httpResponseReceived);
-                // 添加到Databoard
+                    String method = request.method();
-                String method = httpRequest.get().method();
+                    String url = request.url();
                String url = httpRequest.get().url();
                    String status = String.valueOf(httpResponseReceived.statusCode());
                    String length = String.valueOf(httpResponseReceived.toByteArray().length());
@@ -99,7 +89,10 @@ public class HttpMessageHandler implements HttpHandler {
                            messageTableModel.add(httpRequestResponse, url, method, status, length, comment, color, "", "");
                            return null;
                        }
-                }.run();
+                    }.execute();
                }
            } catch (Exception e) {
                api.logging().logToError("handleHttpResponseReceived: " + e.getMessage());
            }
        }
--- a/src/main/java/hae/instances/http/utils/RegularMatcher.java
+++ b/src/main/java/hae/instances/http/utils/RegularMatcher.java
@@ -92,7 +92,7 @@ public class RegularMatcher {
                        if (!result.isEmpty()) {
                            tmpMap.put("color", color);
-                            String dataStr = String.join("\n", result);
+                            String dataStr = String.join(Config.boundary, result);
                            tmpMap.put("data", dataStr);
                            String nameAndSize = String.format("%s (%s)", name, result.size());
--- a/src/main/java/hae/utils/ConfigLoader.java
+++ b/src/main/java/hae/utils/ConfigLoader.java
@@ -77,8 +77,11 @@ public class ConfigLoader {
    public void initConfig() {
        Map<String, Object> r = new LinkedHashMap<>();
-        r.put("excludeSuffix", getExcludeSuffix());
+        r.put("ExcludeSuffix", getExcludeSuffix());
-        r.put("blockHost", getBlockHost());
+        r.put("BlockHost", getBlockHost());
        r.put("ExcludeStatus", getExcludeStatus());
        r.put("LimitSize", getLimitSize());
        r.put("HaEScope", getScope());
        try {
            Writer ws = new OutputStreamWriter(Files.newOutputStream(Paths.get(configFilePath)), StandardCharsets.UTF_8);
            yaml.dump(r, ws);
@@ -147,21 +150,29 @@ public class ConfigLoader {
    }
    public String getBlockHost() {
-        return getValueFromConfig("blockHost", Config.host);
+        return getValueFromConfig("BlockHost", Config.host);
    }
    public String getExcludeSuffix() {
-        return getValueFromConfig("excludeSuffix", Config.suffix);
+        return getValueFromConfig("ExcludeSuffix", Config.suffix);
    }
    public String getExcludeStatus() {
        return getValueFromConfig("ExcludeStatus", Config.status);
    }
    public String getLimitSize() {
        return getValueFromConfig("LimitSize", Config.size);
    }
    public String getScope() {
        return getValueFromConfig("HaEScope", Config.scopeOptions);
    }
-    private String getValueFromConfig(String name, String value) {
+    private String getValueFromConfig(String name, String defaultValue) {
        File yamlSetting = new File(configFilePath);
        if (!yamlSetting.exists() || !yamlSetting.isFile()) {
-            return value;
+            return defaultValue;
        }
        try (InputStream inorder = Files.newInputStream(Paths.get(configFilePath))) {
@@ -173,7 +184,7 @@ public class ConfigLoader {
        } catch (Exception ignored) {
        }
-        return value;
+        return defaultValue;
    }
    public void setAlibabaAIAPIKey(String apiKey) {
@@ -189,11 +200,19 @@ public class ConfigLoader {
    }
    public void setExcludeSuffix(String excludeSuffix) {
-        setValueToConfig("excludeSuffix", excludeSuffix);
+        setValueToConfig("ExcludeSuffix", excludeSuffix);
    }
    public void setBlockHost(String blockHost) {
-        setValueToConfig("blockHost", blockHost);
+        setValueToConfig("BlockHost", blockHost);
    }
    public void setExcludeStatus(String status) {
        setValueToConfig("ExcludeStatus", status);
    }
    public void setLimitSize(String size) {
        setValueToConfig("LimitSize", size);
    }
    public void setScope(String scope) {
--- a/src/main/java/hae/utils/http/HttpUtils.java
+++ b/src/main/java/hae/utils/http/HttpUtils.java
@@ -1,16 +1,24 @@
 package hae.utils.http;
 import burp.api.montoya.MontoyaApi;
-import burp.api.montoya.http.HttpService;
+import burp.api.montoya.http.message.HttpRequestResponse;
 import burp.api.montoya.http.message.requests.HttpRequest;
 import burp.api.montoya.http.message.requests.HttpTransformation;
 import burp.api.montoya.http.message.responses.HttpResponse;
 import burp.api.montoya.utilities.RandomUtils;
 import hae.utils.ConfigLoader;
 import hae.utils.string.StringProcessor;
 import java.util.Arrays;
 import java.util.List;
 public class HttpUtils {
    private final MontoyaApi api;
    private final ConfigLoader configLoader;
-    public HttpUtils(MontoyaApi api) {
+    public HttpUtils(MontoyaApi api, ConfigLoader configLoader) {
        this.api = api;
        this.configLoader = configLoader;
    }
    public HttpRequest generateRequestByMultipartUploadMethod(String url, String name, String filename, String content) {
@@ -18,25 +26,54 @@ public class HttpUtils {
        String boundary = api.utilities().randomUtils().randomString(32, RandomUtils.CharacterSet.ASCII_LETTERS);
-        StringBuilder newBody = new StringBuilder();
+        String newBody = String.format("--%s\r\nContent-Disposition: form-data; name=\"%s\"; filename=\"%s\"\r\n\r\n%s\r\n", boundary, name, filename, content) +
-        newBody.append(String.format("--%s\r\nContent-Disposition: form-data; name=\"%s\"; filename=\"%s\"\r\n\r\n%s\r\n", boundary, name, filename, content));
+                String.format("--%s\r\nContent-Disposition: form-data; name=\"%s\"\r\n\r\n%s\r\n", boundary, "purpose", "file-extract") +
-        newBody.append(String.format("--%s\r\nContent-Disposition: form-data; name=\"%s\"\r\n\r\n%s\r\n", boundary, "purpose", "file-extract"));
+                "--" + boundary + "--\r\n";
        newBody.append("--").append(boundary).append("--\r\n");
-        baseRequest = baseRequest.withUpdatedHeader("Content-Type", "multipart/form-data; boundary=" + boundary).withBody(newBody.toString());
+        baseRequest = baseRequest.withUpdatedHeader("Content-Type", "multipart/form-data; boundary=" + boundary).withBody(newBody);
        return baseRequest;
    }
    public HttpRequest generateRequestByJsonMethod(String url, String data) {
        HttpRequest baseRequest = HttpRequest.httpRequestFromUrl(url).withTransformationApplied(HttpTransformation.TOGGLE_METHOD);
        HttpService baseService = baseRequest.httpService();
        String requestString = baseRequest.toString().replace("application/x-www-form-urlencoded", "application/json");
        baseRequest = HttpRequest.httpRequest(baseService, requestString).withBody(data);
        return baseRequest;
    }
    public HttpRequest generateRequestByDeleteMethod(String url) {
        return HttpRequest.httpRequestFromUrl(url).withMethod("DELETE");
    }
    public boolean verifyHttpRequestResponse(HttpRequestResponse requestResponse, String toolType) {
        HttpRequest request = requestResponse.request();
        HttpResponse response = requestResponse.response();
        boolean retStatus = false;
        try {
            String host = StringProcessor.getHostByUrl(request.url());
            String[] hostList = configLoader.getBlockHost().split("\\|");
            boolean isBlockHost = isBlockHost(hostList, host);
            List<String> suffixList = Arrays.asList(configLoader.getExcludeSuffix().split("\\|"));
            boolean isExcludeSuffix = suffixList.contains(request.fileExtension().toLowerCase());
            boolean isToolScope = !configLoader.getScope().contains(toolType);
            List<String> statusList = Arrays.asList(configLoader.getExcludeStatus().split("\\|"));
            boolean isExcludeStatus = statusList.contains(String.valueOf(response.statusCode()));
            retStatus = isExcludeSuffix || isBlockHost || isToolScope || isExcludeStatus;
        } catch (Exception ignored) {
        }
        return retStatus;
    }
    private boolean isBlockHost(String[] hostList, String host) {
        boolean isBlockHost = false;
        for (String hostName : hostList) {
            String cleanedHost = StringProcessor.replaceFirstOccurrence(hostName, "*.", "");
            if (hostName.contains("*.") && StringProcessor.matchFromEnd(host, cleanedHost)) {
                isBlockHost = true;
            } else if (host.equals(hostName) || hostName.equals("*")) {
                isBlockHost = true;
            }
        }
        return isBlockHost;
    }
 }
--- a/src/main/resources/rules/Rules.yml
+++ b/src/main/resources/rules/Rules.yml
@@ -1,5 +1,5 @@
 rules:
- group: Fingerprint
+  - group: Fingerprint
    rule:
      - name: Shiro
        loaded: true
@@ -46,7 +46,7 @@ rules:
        scope: response body
        engine: dfa
        sensitive: false
- group: Maybe Vulnerability
+  - group: Maybe Vulnerability
    rule:
      - name: Java Deserialization
        loaded: true
@@ -93,7 +93,7 @@ rules:
        scope: request
        engine: dfa
        sensitive: false
- group: Basic Information
+  - group: Basic Information
    rule:
      - name: Email
        loaded: true
@@ -140,7 +140,7 @@ rules:
        scope: response
        engine: nfa
        sensitive: true
- group: Sensitive Information
+  - group: Sensitive Information
    rule:
      - name: Cloud Key
        loaded: true
@@ -209,7 +209,7 @@ rules:
        sensitive: false
      - name: Sensitive Field
        loaded: true
-    f_regex: ((\[)?('|")?([\w]{0,10})((key)|(secret)|(token)|(config)|(auth)|(access)|(admin))([\w]{0,10})('|")?(\])?(
+        f_regex: ((\[)?('|")?([\w]{0,10})((key)|(secret)|(token)|(config)|(auth)|(access)|(admin)|(ticket))([\w]{0,10})('|")?(\])?(
          |)(:|=)( |)('|")(.*?)('|")(|,))
        s_regex: ''
        format: '{0}'
@@ -217,7 +217,7 @@ rules:
        scope: response
        engine: nfa
        sensitive: false
- group: Other
+  - group: Other
    rule:
      - name: Linkfinder
        loaded: true
@@ -237,18 +237,9 @@ rules:
        scope: response body
        engine: dfa
        sensitive: false
  - name: HTML Notes
    loaded: true
    f_regex: (<!--.*?-->)
    s_regex: ''
    format: '{0}'
    color: magenta
    scope: response body
    engine: nfa
    sensitive: false
      - name: Create Script
        loaded: true
-    f_regex: (\+\{.*?\}\[[a-zA-Z]\]\+".*?\.js")
+        f_regex: (\{[^{}]*\}\s*\[[^\s]*\]\s*\+\s*"[^\s]*\.js")
        s_regex: '"?([\w].*?)"?:"(.*?)"'
        format: '{0}.{1}'
        color: green
@@ -282,3 +273,12 @@ rules:
        scope: response body
        engine: nfa
        sensitive: true
      - name: Request URI
        loaded: true
        f_regex: ' ((?!.*\.js(\?.*)?$)(.*?[^.js$])) '
        s_regex: ''
        format: '{0}'
        color: gray
        scope: request line
        engine: nfa
        sensitive: false
Author	SHA1	Message	Date
gh0stkey	6014089594	Version: 3.3.4 Update	2024-10-14 16:35:20 +08:00
EvilChen	910658f2e0	Update 问题反馈.md	2024-09-23 00:05:40 +08:00
gh0stkey	8692b0a494	Version: 3.3.3 Update	2024-09-19 17:45:47 +08:00
gh0stkey	5419d4a679	Version: 3.3.3 Update	2024-09-19 17:11:55 +08:00
gh0stkey	ae8cb2fd25	Version: 3.3.3 Update	2024-09-19 17:08:46 +08:00
EvilChen	5b6bdbe5b6	Update README.md	2024-08-28 16:19:24 +08:00
EvilChen	ddb08e9a6e	Update README.md	2024-08-28 16:18:25 +08:00
EvilChen	6a2f289d57	Update build.gradle	2024-08-26 10:04:57 +08:00
gh0stkey	84746a7089	Version: 3.3.2 Update	2024-08-23 22:03:31 +08:00
gh0stkey	68f0bce619	Version: 3.3.1 Update	2024-08-12 10:41:24 +08:00
gh0stkey	4f0401347c	Version: 3.3.1 Update	2024-08-12 10:34:26 +08:00
gh0stkey	a7e0a2a6ce	Update	2024-07-31 08:57:17 +08:00
gh0stkey	b7c5a8363d	Update	2024-07-31 08:49:53 +08:00