# chaitin/xray

11,612 stars · 1,873 forks · Vue · NOASSERTION

## Links

- GitHub: https://github.com/chaitin/xray
- Homepage: https://docs.xray.cool
- awesome-repositories: https://awesome-repositories.com/repository/chaitin-xray.md

## Topics

`passive-vulnerability-scanner` `poc` `security` `sqlinjection` `vulnerability` `vulnerability-scanner` `xss`

## Description

Xray is a security assessment tool focused on web vulnerability scanning, attack surface mapping, and technology fingerprinting. It identifies common security flaws through automated scanning and semantic analysis, while verifying findings via a custom proof-of-concept execution engine.

The system distinguishes itself with a containerized vulnerability testbed used to deploy pre-configured vulnerable applications. This environment allows for the simulation of specific vulnerabilities and edge-case scenarios to validate scanner accuracy and eliminate false positives.

The platform covers a broad range of security capabilities, including recursive web crawling for directory enumeration, real-time HTTP traffic interception via a proxy layer, and baseline security checks for SSL versions and HTTP headers. It features a template-based plugin system for extending vulnerability checks and supports exporting findings into text, JSON, or HTML formats.

## Tags

### Part of an Awesome List

- [Web Vulnerability Scanning](https://awesome-repositories.com/f/awesome-lists/security/web-vulnerability-scanning.md) — Combines web crawling for link discovery with automated vulnerability scanning to identify security weaknesses. ([source](https://github.com/chaitin/xray/blob/master/README.md))
- [PoC Execution Engines](https://awesome-repositories.com/f/awesome-lists/security/proof-of-concept/poc-execution-engines.md) — Runs user-defined or community-provided scripts to verify the existence of specific vulnerabilities on target systems. ([source](https://github.com/chaitin/xray/blob/master/README_EN.md))
- [PoC Generation Tools](https://awesome-repositories.com/f/awesome-lists/security/proof-of-concept/poc-generation-tools.md) — Creates and verifies proof-of-concept scripts through packet verification and duplication checks. ([source](https://github.com/chaitin/xray/blob/master/README_EN.md))

### DevOps & Infrastructure

- [Security Assessment Frameworks](https://awesome-repositories.com/f/devops-infrastructure/security-automation-workflows/security-assessment-frameworks.md) — Automates the end-to-end process of vulnerability detection and security reporting across multiple targets.
- [Vulnerability Testbeds](https://awesome-repositories.com/f/devops-infrastructure/containerized-deployments/vulnerability-testbeds.md) — Provides a containerized testbed to deploy pre-configured vulnerable applications for validating scanner accuracy.
- [Plugin Extensibility](https://awesome-repositories.com/f/devops-infrastructure/release-automation/plugin-extensibility.md) — Provides a plugin extensibility system for implementing new vulnerability checks and PoC logic. ([source](https://github.com/chaitin/xray/tree/master/webhook))

### Development Tools & Productivity

- [Script Execution Engines](https://awesome-repositories.com/f/development-tools-productivity/script-execution-engines.md) — Includes a framework for executing user-defined proof-of-concept scripts to verify specific vulnerabilities.

### Networking & Communication

- [Traffic Proxying](https://awesome-repositories.com/f/networking-communication/traffic-proxying.md) — Intercepts and analyzes live HTTP requests through a local proxy to detect vulnerabilities in real-time. ([source](https://github.com/chaitin/xray#readme))
- [Proxy Interceptors](https://awesome-repositories.com/f/networking-communication/network-infrastructure-routing/network-infrastructure-configuration/network-management/http-interaction-utilities/proxy-interceptors.md) — Ships a proxy layer to capture and analyze live HTTP traffic for real-time vulnerability detection.

### Security & Cryptography

- [Attack Surface Mapping](https://awesome-repositories.com/f/security-cryptography/attack-surface-mapping.md) — Maps the web attack surface by discovering hidden paths and sensitive files through directory enumeration.
- [Proof of Concept Execution](https://awesome-repositories.com/f/security-cryptography/proof-of-concept-execution.md) — Runs custom proof-of-concept scripts to verify if targets are susceptible to identified vulnerabilities.
- [Vulnerability Testbeds](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-tools/vulnerability-assessment-tools/vulnerability-scanners/vulnerability-testbeds.md) — Ships a containerized testbed for deploying vulnerable applications to validate scanner accuracy.
- [Vulnerable Web Applications](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing/vulnerable-web-applications.md) — Deploys containerized web applications intentionally designed with security flaws to test and validate scanners. ([source](https://github.com/chaitin/xray/tree/master/tests))
- [Web Crawlers](https://awesome-repositories.com/f/security-cryptography/web-crawlers.md) — Implements a recursive web crawler to discover the attack surface and enumerate hidden directories.
- [Sensitive File Discovery](https://awesome-repositories.com/f/security-cryptography/security/policies/host-resource-access/file-system-access-controls/sensitive-file-protections/sensitive-file-discovery.md) — Implements directory enumeration to find backup files, temporary files, and configuration pages. ([source](https://github.com/chaitin/xray/blob/master/README.md))
- [Scanner Accuracy Validation](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-tools/vulnerability-assessment-tools/vulnerability-scanners/scanner-accuracy-validation.md) — Deploys controlled vulnerable environments to verify detection script accuracy and eliminate false positives.
- [Simulated Vulnerabilities](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-vulnerabilities/injection-vulnerabilities/simulated-vulnerabilities.md) — Mimics common vulnerabilities and error messages to verify scanner accuracy and trigger false positives. ([source](https://github.com/chaitin/xray/tree/master/tests/evilpot))
- [Web Technology Detection](https://awesome-repositories.com/f/security-cryptography/web-technology-detection.md) — Identifies the software and frameworks running on target servers through technology fingerprinting.

### Software Engineering & Architecture

- [Request-Response Pattern Analysis](https://awesome-repositories.com/f/software-engineering-architecture/performance-analysis/incremental-analysis-engines/security-analysis-engines/request-response-pattern-analysis.md) — Uses a semantic analysis engine to detect vulnerabilities by matching request and response patterns against known flaw signatures.
- [Plugin-Based Architectures](https://awesome-repositories.com/f/software-engineering-architecture/software-architecture/architectural-patterns/plugin-module-systems/modular-plugin-architectures/plugin-based-architectures/plugin-based-architectures.md) — Features a template-based plugin system allowing users to dynamically load custom vulnerability check scripts.

### Testing & Quality Assurance

- [Scanner Accuracy Validators](https://awesome-repositories.com/f/testing-quality-assurance/scanner-accuracy-validators.md) — Provides a process for running scans against edge-case scenarios to identify and eliminate false positives in detection scripts. ([source](https://github.com/chaitin/xray/tree/master/tests))
