[update]更新英文readme

README.md

@@ -8,203 +8,203 @@
   </a>
 </p>
 
-<h3 align="center">一款功能强大的安全评估工具 </h3>
+<h3 align="center">A Powerful Security Assessment Tool </h3>
 
 <p align="center">
-  <a href="https://docs.xray.cool">🏠使用文档</a> •
-  <a href="https://github.com/chaitin/xray/releases">⬇️xray下载</a> •
-  <a href="https://github.com/chaitin/xpoc">⬇️xpoc下载</a> •
-  <a href="https://github.com/chaitin/xapp">⬇️xapp下载</a> •
-  <a href="https://github.com/chaitin/xray-plugins">📖插件存储库</a>
+  <a href="https://docs.xray.cool">🏠 Documentation</a> •
+  <a href="https://github.com/chaitin/xray/releases">⬇️ Download xray</a> •
+  <a href="https://github.com/chaitin/xpoc">⬇️ Download xpoc</a> •
+  <a href="https://github.com/chaitin/xapp">⬇️ Download xapp</a> •
+  <a href="https://github.com/chaitin/xray-plugins">📖 Plugin Repository</a>
 </p>
 
-[**English Version**](./README_EN.md)
+[**中文版**](./README.md)
 
 ## ✨ Demo
 
-> 注意：xray 不开源，直接下载构建的二进制文件即可，仓库内主要为社区贡献的 poc，每次 xray 发布将自动打包。
+> Note: xray is not open source, just download the built binary files directly. The repository mainly contains community-contributed POCs. Each xray release will automatically package them.
 
-## xray2.0
+## xray 2.0
 
-为了解决 xray 1.0在功能增加过程中变得复杂且臃肿的问题，我们推出了 xray 2.0。
+To address the issue of xray 1.0 becoming complex and bloated with added features, we have launched xray 2.0.
 
-这一全新版本致力于提升功能使用的流畅度，降低使用门槛，并帮助更多安全行业从业者以更高效的模式收获更好的体验。xray 2.0 将整合一系列新的安全工具，形成一个全面的安全工具集。
+This new version aims to enhance the smoothness of functionality, lower the usage threshold, and help more security industry practitioners achieve a better experience more efficiently. xray 2.0 will integrate a series of new security tools to form a comprehensive security toolset.
 
-**xray2.0系列的第二款工具xapp已经上线，欢迎体验！**
+**The second tool in the xray 2.0 series, xapp, is now online, welcome to try it!**
 
 ### XPOC
 
-xpoc是xray2.0系列的第一款工具，它是一款为供应链漏洞扫描设计的快速应急响应工具
+xpoc is the first tool in the xray 2.0 series, designed as a rapid emergency response tool for supply chain vulnerability scanning.
 
-项目地址：https://github.com/chaitin/xpoc
+Project address: https://github.com/chaitin/xpoc
 
 ### XAPP
 
-xapp是一款专注于web指纹识别的工具。你可以使用xapp对web目标所使用的技术进行识别，为安全测试做好准备。
+xapp is a tool focused on web fingerprint identification. You can use xapp to identify the technologies used by web targets and prepare for security testing.
 
-项目地址：https://github.com/chaitin/xapp
+Project address: https://github.com/chaitin/xapp
 
-### 插件存储库
+### Plugin Repository
 
-我们为各类插件创建了一个专门的存储库，旨在方便大家共享和使用各种插件。
+We have created a dedicated repository for various plugins, aimed at facilitating the sharing and use of different plugins.
 
-这里主要收录的是开源的、转化成 xray格式的脚本，以供大家使用。
+It mainly collects open-source scripts converted into xray format for everyone to use.
 
-我们会不定期地往这里推送一些新的插件，同时也希望大家能积极踊跃的优化或者提交插件，共同丰富这个仓库。
+We will periodically push some new plugins here and hope everyone will actively optimize or submit plugins to enrich this repository together.
 
-项目地址：https://github.com/chaitin/xray-plugins
+Project address: https://github.com/chaitin/xray-plugins
 
-## 🚀 快速使用
+## 🚀 Quick Usage
 
-**在使用之前，请务必阅读并同意 [License](https://github.com/chaitin/xray/blob/master/LICENSE.md) 文件中的条款，否则请勿安装使用本工具。**
+**Before using, be sure to read and agree to the terms in the [License](https://github.com/chaitin/xray/blob/master/LICENSE.md) file. If not, please do not install or use this tool.**
 
-1. 使用基础爬虫爬取并对爬虫爬取的链接进行漏洞扫描
+1. Use the basic crawler to scan the links crawled by the crawler for vulnerabilities
 
     ```bash
     xray webscan --basic-crawler http://example.com --html-output vuln.html
     ```
 
-1. 使用 HTTP 代理进行被动扫描
+1. Use HTTP proxy for passive scanning
 
     ```bash
     xray webscan --listen 127.0.0.1:7777 --html-output proxy.html
     ```
-   设置浏览器 http 代理为 `http://127.0.0.1:7777`，就可以自动分析代理流量并扫描。
+   Set the browser's HTTP proxy to `http://127.0.0.1:7777`, then you can automatically analyze proxy traffic and scan it.
    
-   >如需扫描 https 流量，请阅读下方文档 `抓取 https 流量` 部分
+   > To scan HTTPS traffic, please read the "Capture HTTPS Traffic" section below.
 
-1. 只扫描单个 url，不使用爬虫
+1. Scan a single URL without using a crawler
     
     ```bash
     xray webscan --url http://example.com/?a=b --html-output single-url.html
     ```
 
-1. 手动指定本次运行的插件
+1. Manually specify plugins for this run
    
-   默认情况下，将会启用所有内置插件，可以使用下列命令指定本次扫描启用的插件。
+   By default, all built-in plugins will be enabled. You can specify the plugins to be enabled for this scan with the following commands.
    
    ```bash
    xray webscan --plugins cmd-injection,sqldet --url http://example.com
    xray webscan --plugins cmd-injection,sqldet --listen 127.0.0.1:7777
    ```
-
-1. 指定插件输出
 
-    可以指定将本次扫描的漏洞信息输出到某个文件中:
-
+1. Specify Plugin Output
+
+   You can specify to output the vulnerability information of this scan to a file:
+
     ```bash
     xray webscan --url http://example.com/?a=b \
     --text-output result.txt --json-output result.json --html-output report.html
     ```
-
-    [报告样例](https://docs.xray.cool/assets/report_example.html)
 
-其他用法请阅读文档： https://docs.xray.cool
+   [Sample Report](https://docs.xray.cool/assets/report_example.html)
 
-## 🪟 检测模块
+For other usage, please read the documentation: https://docs.xray.cool
 
-新的检测模块将不断添加
+## 🪟 Detection Modules
 
-| 名称             | Key              | 版本  | 说明                                                                              |
-|----------------|------------------|-----|---------------------------------------------------------------------------------|
-| XSS漏洞检测        | `xss`            | 社区版 | 利用语义分析的方式检测XSS漏洞                                                                |
-| SQL 注入检测       | `sqldet`         | 社区版 | 支持报错注入、布尔注入和时间盲注等                                                               |
-| 命令/代码注入检测      | `cmd-injection`  | 社区版 | 支持 shell 命令注入、PHP 代码执行、模板注入等                                                    |
-| 目录枚举           | `dirscan`        | 社区版 | 检测备份文件、临时文件、debug 页面、配置文件等10余类敏感路径和文件                                           |
-| 路径穿越检测         | `path-traversal` | 社区版 | 支持常见平台和编码                                                                       |
-| XML 实体注入检测     | `xxe`            | 社区版 | 支持有回显和反连平台检测                                                                    |
-| poc 管理         | `phantasm`       | 社区版 | 默认内置部分常用的 poc，用户可以根据需要自行构建 poc 并运行。文档：[POC](https://docs.xray.cool/#/guide/poc) |
-| 文件上传检测         | `upload`         | 社区版 | 支持常见的后端语言                                                                       |
-| 弱口令检测          | `brute-force`    | 社区版 | 社区版支持检测 HTTP 基础认证和简易表单弱口令，内置常见用户名和密码字典                                          |
-| jsonp 检测       | `jsonp`          | 社区版 | 检测包含敏感信息可以被跨域读取的 jsonp 接口                                                       |
-| ssrf 检测        | `ssrf`           | 社区版 | ssrf 检测模块，支持常见的绕过技术和反连平台检测                                                      |
-| 基线检查           | `baseline`       | 社区版 | 检测低 SSL 版本、缺失的或错误添加的 http 头等                                                    |
-| 任意跳转检测         | `redirect`       | 社区版 | 支持 HTML meta 跳转、30x 跳转等                                                         |
-| CRLF 注入        | `crlf-injection` | 社区版 | 检测 HTTP 头注入，支持 query、body 等位置的参数                                                |
-| XStream漏洞检测    | `xstream`        | 社区版 | 检测XStream系列漏洞                                                                   |
-| Struts2 系列漏洞检测 | `struts`         | 高级版 | 检测目标网站是否存在Struts2系列漏洞，包括s2-016、s2-032、s2-045、s2-059、s2-061等常见漏洞                 |
-| Thinkphp系列漏洞检测 | `thinkphp`       | 高级版 | 检测ThinkPHP开发的网站的相关漏洞                                                            |
-| shiro反序列化漏洞检测  | `shiro`          | 高级版 | 检测Shiro反序列化漏洞                                                                   |
-| fastjson系列检测   | `fastjson`       | 高级版 | 检测fastjson系列漏洞                                                                  |
+New detection modules will be continuously added.
 
+| Name             | Key              | Version  | Description                                                                          |
+|------------------|------------------|----------|--------------------------------------------------------------------------------------|
+| XSS Detection    | `xss`            | Community | Detects XSS vulnerabilities using semantic analysis                                  |
+| SQL Injection Detection | `sqldet` | Community | Supports error-based injection, boolean-based injection, and time-based blind injection |
+| Command/Code Injection Detection | `cmd-injection`  | Community | Supports shell command injection, PHP code execution, template injection, etc.        |
+| Directory Enumeration | `dirscan`    | Community | Detects over 10 types of sensitive paths and files such as backup files, temporary files, debug pages, and configuration files |
+| Path Traversal Detection | `path-traversal` | Community | Supports common platforms and encodings                                               |
+| XML External Entity (XXE) Detection | `xxe`    | Community | Supports detection with echo and back-connect platform                                 |
+| POC Management      | `phantasm`       | Community | Comes with some common POCs by default; users can build and run POCs as needed. Documentation: [POC](https://docs.xray.cool/#/guide/poc) |
+| File Upload Detection | `upload` | Community | Supports common backend languages                                                     |
+| Weak Password Detection | `brute-force` | Community | Community edition supports HTTP basic authentication and simple form weak password detection, with built-in common username and password dictionary |
+| JSONP Detection      | `jsonp` | Community | Detects JSONP interfaces containing sensitive information that can be read across domains |
+| SSRF Detection      | `ssrf` | Community | SSRF detection module, supports common bypass techniques and back-connect platform detection |
+| Baseline Check      | `baseline` | Community | Detects low SSL versions, missing or incorrectly added HTTP headers                   |
+| Arbitrary Redirect Detection | `redirect` | Community | Supports HTML meta redirects, 30x redirects, etc.                                     |
+| CRLF Injection      | `crlf-injection` | Community | Detects HTTP header injection, supports parameters in query, body, etc.               |
+| XStream Vulnerability Detection | `xstream` | Community | Detects XStream series vulnerabilities                                                |
+| Struts2 Vulnerability Detection | `struts` | Advanced | Detects Struts2 series vulnerabilities, including common ones like s2-016, s2-032, s2-045, s2-059, s2-061, etc. |
+| ThinkPHP Vulnerability Detection | `thinkphp` | Advanced | Detects related vulnerabilities in websites developed with ThinkPHP                   |
+| Shiro Deserialization Vulnerability Detection | `shiro` | Advanced | Detects Shiro deserialization vulnerabilities                                         |
+| Fastjson Vulnerability Detection | `fastjson` | Advanced | Detects Fastjson series vulnerabilities                                               |
 
-## ⚡️ 进阶使用
 
-下列高级用法请查看 https://docs.xray.cool/ 使用。
+## ⚡️ Advanced Usage
 
- - 修改配置文件
- - 抓取 https 流量
- - 修改 http 发包配置
- - 反连平台的使用
- - ...
+For the following advanced usage, please see https://docs.xray.cool/.
 
-## 😘 贡献 POC
+- Modify configuration file
+- Capture HTTPS traffic
+- Modify HTTP request configuration
+- Use of the back-connect platform
+- ...
 
-xray的进步离不开各位师傅的支持，秉持着互助共建的精神，为了让我们共同进步，xray也开通了“PoC收录”的渠道！在这里你将会得到：
+## 😘 Contribute POCs
 
-### 提交流程
+The progress of xray cannot be achieved without the support of many contributors. In the spirit of mutual assistance and co-construction, to help us all progress together, xray has also opened a channel for "POC inclusion"! Here you will get:
 
-1. 贡献者以 PR 的方式向 github xray 社区仓库内提交， POC 提交位置: https://github.com/chaitin/xray/tree/master/pocs, 指纹识别脚本提交位置: https://github.com/chaitin/xray/tree/master/fingerprints
-2. PR 中根据 Pull Request 的模板填写 POC 信息
-3. 内部审核 PR，确定是否合并入仓库
-4. 但需要注意，如果想要获得POC的奖励，需要将你的POC提交到CT stack，才能获取到奖励
+### Submission Process
 
-### 丰厚的奖励
+1. Contributors submit to the GitHub xray community repository via PR. POC submission location: https://github.com/chaitin/xray/tree/master/pocs, fingerprint script submission location: https://github.com/chaitin/xray/tree/master/fingerprints
+2. Fill in the POC information according to the Pull Request template in the PR.
+3. Internal review of the PR to determine whether to merge into the repository.
+4. Note: To receive POC rewards, you need to submit your POC to the CT stack to receive the rewards.
 
-- 贡献PoC将获得**丰厚的金币奖励**，成就感满满；
-- **丰富的礼品**兑换专区，50余种周边礼品任你挑选；
-- 定期更有京东卡上线兑换，离**财富自由**又近了一步；
-- 进入核心社群的机会，领取特殊任务，赚取**高额赏金**；
+### Generous Rewards
 
-### 完善的教程
+- Contribute POCs to receive **generous gold rewards** with a sense of accomplishment;
+- **Rich gift** redemption area, with over 50 kinds of peripheral gifts to choose from;
+- Regularly launch JD card redemption, getting **closer to financial freedom**;
+- Opportunity to enter the core community, receive special tasks, and earn **high bounties**;
 
-- 完善的**PoC编写教程和指导**，让你快速上手，少走弯路；
+### Comprehensive Tutorials
 
-### 学习与交流
+- Comprehensive **POC writing tutorials and guidance** to help you get started quickly and avoid pitfalls;
 
-- **与贡献者、开发者面对面**学习交流的机会，各项能力综合提高；
-- 免笔试的**直通面试机会**，好工作不是梦；
+### Learning and Communication
 
-如果你已经成功贡献过PoC但是还没有进群，请添加客服微信：
+- **Face-to-face learning and communication opportunities** with contributors and developers, improving comprehensive skills;
+- **Direct interview opportunities** without written tests, making good jobs not just a dream;
+
+If you have successfully contributed a POC but have not yet
+
+joined the group, please add the customer service WeChat:
 
 <img src="./asset/customer_service.png" height="200px">
 
-提供平台注册id进行验证，验证通过后即可进群！
+Provide the platform registration ID for verification. Once verified, you can join the group!
 
-参照: https://docs.xray.cool/#/guide/contribute
+Refer to: https://docs.xray.cool/#/guide/contribute
 
-## 🔧周边生态
+## 🔧 Surrounding Ecosystem
 
-### POC编写辅助工具
+### POC Writing Assistant Tools
 
-该工具可以辅助生成POC，且在线版支持**poc查重**，本地版支持直接发包验证
+This tool can assist in generating POCs, and the online version supports **POC duplication checks**, while the local version supports direct packet verification.
 
-#### 在线版
-- [**规则实验室**](https://poc.xray.cool)
-- 在线版支持对**poc查重**
-#### 本地版
+#### Online Version
+- [**Rule Laboratory**](https://poc.xray.cool)
+- The online version supports **POC duplication checks**.
+#### Local Version
 - [**gamma-gui**](https://github.com/zeoxisca/gamma-gui)
 
-### xray gui辅助工具
+### xray GUI Assistant Tools
 
-本工具仅是简单的命令行包装，并不是直接调用方法。在 xray 的规划中，未来会有一款真正的完善的 GUI 版 XrayPro 工具，敬请期待。
+This tool is just a simple command line wrapper, not a direct method call. In the xray plan, there will be a truly complete GUI version of XrayPro in the future, so stay tuned.
 
 - [**super-xray**](https://github.com/4ra1n/super-xray)
 
-## 📝 讨论区
+## 📝 Discussion Area
 
-提交误报漏报需求等等请务必先阅读 https://docs.xray.cool/#/guide/feedback
+Before submitting false positives, missed reports, or requests, please be sure to read https://docs.xray.cool/#/guide/feedback.
 
-如有问题可以在 GitHub 提 issue, 也可在下方的讨论组里
+If you have any questions, you can submit an issue on GitHub or join the discussion groups below.
 
 1. GitHub issue: https://github.com/chaitin/xray/issues
 
-2. 微信公众号：微信扫描以下二维码，关注我们
+2. WeChat Official Account: Scan the QR code below to follow us
 
     <img src="./asset/wechat.jpg" height="200px">
 
-3. 微信群: 请添加微信公众号并点击"联系我们" -> "加群"，然后扫描二维码加群
-
-4. QQ 群: 717365081
-
+3. WeChat Group: Add the WeChat official account, click "Contact Us" -> "Join Group", and then scan the QR code to join the group.
 
+4. QQ Group: 717365081