当前位置:首页>php>解放双手 || 全链路 PHP 代码安全审计 AI Agent 系统

解放双手 || 全链路 PHP 代码安全审计 AI Agent 系统

  • 2026-06-29 14:12:35
解放双手 || 全链路 PHP 代码安全审计 AI Agent 系统

全链路 PHP 代码安全审计 AI Agent 系统

基于 Claude Code Agent Teams 的多智能体协作安全审计框架,覆盖环境构建、静态侦察、动态追踪、深度对抗利用、后渗透关联分析、报告收口全链路,支持 21 种漏洞类型 专家级审计。

项目地址后台回复【云梦

功能特性

🔄 全链路自动化

  • 6 阶段流水线:Phase 1~5 + Phase 4.5 自动编排,覆盖侦察→追踪→利用→后渗透→报告
  • 断点续审:通过 checkpoint.json 记录阶段状态,支持中断恢复与增量审计
  • 错误自恢复:DB 损坏、Agent 崩溃、Token 溢出、磁盘不足等 5 种异常场景自动恢复

🎯 21 种漏洞类型覆盖

RCE · SQLi · 反序列化 · LFI · 文件写入 · SSRF · XSS/SSTI · XXE · CSRF · CRLF · 越权/IDOR · Session · 弱加密 · 竞态条件 · NoSQL · LDAP · 信息泄露 · 日志注入 · 配置缺陷 · WordPress 专有 · 业务逻辑

🧠 智能攻击记忆系统

  • 扁平记忆attack_memory 表 — 按 sink_type + framework + PHP版本 + WAF 指纹匹配历史攻击经验
  • 关系型图记忆memory_nodes + memory_edges 表 — 7 种实体关系类型,支持攻击链自动发现
  • 跨项目学习:历史审计经验自动积累,新项目审计自动匹配相似模式

🔬 Mini-Researcher 智能研究员

  • 未知组件、无 PoC 的 Critical CVE、连续 5 轮攻击失败等 5 种条件自动触发
  • 本地知识库 → NVD/GitHub Advisory 外部情报 → 结构化输出
  • 3 级置信度消费:高→立即使用、中→追加计划、低→仅参考

⚡ 混合调度 + 对抗循环

  • 并行分析 + 串行攻击:先并行静态分析,再逐个独占容器执行攻击
  • 8 轮对抗循环:每轮前 Docker 快照,失败自动回滚,Pivot When Stuck 自动转向
  • 框架感知调度:Laravel / ThinkPHP / Symfony / WordPress 等框架特征识别与强制审计项
  • 版本感知调度:PHP < 8.0 → Type Juggling, ThinkPHP 5.x → RCE 等

🔒 质量保障体系

  • Gate 门禁:每阶段结束强制校验产物存在性(GATE-1 ~ GATE-4.5)
  • 独立 QC 池:按需 spawn 质检员,"完成一个、校验一个",含图记忆 + 研究员专项检查
  • 30 个 JSON Schema:所有 Agent 间数据交换严格校验格式,251 个 string 字段全部约束(enum/pattern/maxLength),251 个 string 字段全部约束(enum/pattern/maxLength)
  • Auditor 自检:每个审计员内置 auditor_self_check.md 自我校验清单
  • 530+ 可控性约束:4 轮深度优化,消除自由文本幻觉风险

📊 专业审计报告

  • 单文件全包含:一个 审计报告.md 包含所有内容(目录/执行摘要/漏洞详情/攻击链/覆盖率/风险池/经验总结)
  • Context Pack 内嵌:每个漏洞详情含完整调用链、中间件、过滤器分析、认证绕过评估
  • Burp 复现模板:每个漏洞自带可直接复制到 Burp Repeater 的 HTTP 请求
  • Mermaid 可视化:攻击链 + 联合攻击路径全部用 Mermaid 流程图展示
  • CVSS 进度条████████░░ 9.45/10 直观展示严重程度
  • SARIF 导出:支持导入 GitHub/VS Code 的标准格式

架构设计

阶段功能总览

阶段
Agent 数
核心功能
关键产物
Phase 1: 环境构建
3
框架识别、Schema 重建、Docker 构建 + 自愈
environment_status.json
Phase 2: 静态侦察
12
工具扫描(7 种)、路由映射、鉴权矩阵、依赖扫描、上下文抽取、风险定级
priority_queue.json
context_packs/
Phase 3: 动态追踪
3+N
鉴权模拟、Xdebug 追踪、调用链校验
traces/*.json
credentials.json
Phase 4: 深度利用
21+1
21 类漏洞专家审计 + Mini-Researcher
exploits/*.json
research/*.json
Phase 4.5: 后渗透
4
攻击图谱、关联分析、Patch 生成、PoC 生成
attack_graph.json
PoC脚本/*.py
Phase 5: 报告收口
3
报告生成、SARIF 导出、环境清理
报告/审计报告.md
.sarif.json
QC: 质检
2
独立质检员池、贯穿全流程
QC 记录写入 audit_session.db

Architecture Overview

145+ skills organized in 10 subdirectories under skills/, using a 2-stage auditor pattern (21 auditor types → 42 files: _analyze + _attack) and a standardized fill-in template format.

Skills Directory Structure

ounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineskills/├── auditors/       — 42 files (21 analyze + 21 attack) + index├── auth/           — 9 sub-skills + index├── correlation/    — 5 correlation rules + index├── infrastructure/ — 4 system skills + index├── qc/             — 6 phase QC checkers + index├── report/         — 7 chapter writers + index├── routes/         — 8 route sub-skills + index├── scanners/       — 7 scanner wrappers + index├── shared/         — 9 cross-cutting protocols + index└── trace/          — 14 trace sub-skills + index

Total: 111 skill files + 10 index files = 121 files in skills/

Fill-in Template Standard

Every skill follows the fill-in template format:

Identity → Input Contract → 🚨 CRITICAL Rules → Fill-in Procedure (tables) → Output Contract → ✅/❌ Examples → Error Handling

This minimizes model dependency: the model fills predefined fields rather than generating free-form content.


Design Philosophy

  • Fill-in templates > free generation — structured fields reduce hallucination
  • Positive/negative examples > abstract rules — concrete examples anchor behavior
  • Multi-agent single-responsibility > monolithic — each agent owns one task
  • Independent QC agents for each phase — quality verification is never self-assessed
  • AI instructions in English, output in Chinese — precision for the model, readability for the user

攻击循环流程

ounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(linePhase-4 攻击循环(每个 Sink,最多 8 轮):  ┌─ 查询攻击记忆(扁平 + 图记忆)  │    ↓  │  制定攻击计划 → exploit_plan.json  │    ↓  │  ┌─────────────────────────────────────┐  │  │  Round 1~8 循环                      │  │  │  ① Docker 快照                       │  │  │  ② 发送 Payload                      │  │  │  ③ 采集物理证据(HTTP 响应/命令输出) │  │  │  ④ 成功 → 写入 exploit + 记忆        │  │  │  ⑤ 失败 → WAF 分析 → 调整策略        │  │  │  ⑥ 连续失败 → Pivot 转向             │  │  │  ⑦ 触发条件 → Mini-Researcher 委派   │  │  └─────────────────────────────────────┘  │    ↓  │  写入攻击记忆(供后续 Sink 和未来项目复用)  │    ↓  └─ QC 质检 → 下一个 Sink

Pivot 自动转向策略

原始攻击
转向目标
SQLi 8 轮全败
二阶 SQLi(存储→读取→拼接)
XSS 被完全过滤
SSTI({{7*7}} 探测)
LFI 路径过滤
php://filter
 chain RCE
RCE disable_functions
反序列化 POP chain
SSRF 内网不可达
DNS Rebinding

Agent Teams 编制

Team 1 — 环境构建(3 Agents)

Agent
职责
env_detective
框架指纹、PHP 版本、DB 类型识别
schema_reconstructor
从 ORM 模型重建数据库表结构
docker_builder
Docker 环境构建 + env_selfheal 自愈循环

Team 2 — 静态侦察(12 Agents)

Agent
职责
psalm_scanner
Psalm taint analysis
progpilot_scanner
Progpilot vulnerability scan
ast_scanner
AST sink detection via sink_finder.php
phpstan_scanner
PHPStan static analysis
semgrep_scanner
Semgrep pattern matching
composer_audit_scanner
Composer dependency audit
codeql_scanner
CodeQL analysis (optional)
route_mapper
路由表解析与映射
auth_auditor
鉴权机制分析
dep_scanner
第三方组件 CVE 检测 + known_cves
context_extractor
Sink 上下文抽取 + 数据流分析
risk_classifier
风险优先级定级 P0/P1/P2/P3

Team 3 — 动态追踪(3 + N Agents)

Agent
职责
auth_simulator
模拟多角色登录获取凭证
trace_dispatcher
读取高危 Sink 分批创建追踪任务
trace_worker
 ×N
Xdebug 追踪执行(动态创建)

Team 4 — 漏洞审计(21 + 1 Agents)

展开 21 种专家审计员
#
Agent
覆盖类型
1
rce_auditor
命令/代码执行
2
sqli_auditor
SQL 注入(一阶 + 二阶)
3
xss_ssti_auditor
XSS + SSTI
4
lfi_auditor
本地/远程文件包含
5
filewrite_auditor
文件上传/写入
6
ssrf_auditor
SSRF + DNS Rebinding
7
xxe_auditor
XML 外部实体
8
deserial_auditor
反序列化 + POP chain
9
crlf_auditor
CRLF 注入
10
csrf_auditor
跨站请求伪造
11
authz_auditor
越权 + IDOR
12
session_auditor
Session 管理缺陷
13
crypto_auditor
弱加密/密钥泄露
14
race_condition_auditor
竞态条件
15
nosql_auditor
MongoDB/Redis 注入
16
ldap_auditor
LDAP 注入
17
infoleak_auditor
信息泄露
18
logging_auditor
日志注入/敏感日志
19
config_auditor
配置缺陷
20
wordpress_auditor
WordPress 专有漏洞
21
business_logic_auditor
业务逻辑缺陷
mini_researcher
智能研究员(按需委派)

Team 4.5 — 后渗透分析(4 Agents)

Agent
职责
attack_graph_builder
构建攻击图谱 + 链式利用路径
correlation_engine
跨审计员关联 + 图记忆消费 + 误报消除
poc_generator
可执行 PoC 脚本生成
remediation_generator
修复 Patch 生成(框架适配)

Team 5 — 报告收口(3 Agents + 7 Chapter Writers)

Agent
职责
report_writer
主审计报告编排(7 章并行写入 → 单文件组装)
sarif_exporter
SARIF 2.1.0 标准导出
env_cleaner
Xdebug 清理 + 代码/数据库还原

7 个 Chapter Writers(并行执行):

Chapter
Writer
输出内容
S-090a
cover_page_writer
封面 + 目录 + 执行摘要 + CVSS 可视化
S-090b
vuln_summary_writer
漏洞汇总表 + CVSS 进度条
S-090c
vuln_detail_writer
漏洞详情(信息卡 + Context Pack + Mermaid + Burp + 修复对比)
S-090d
attack_chain_writer
联合攻击链(Mermaid + 步骤表)
S-090e
coverage_stats_writer
覆盖率统计(路由/优先级/审计器)
S-090f
risk_pool_writer
待补证风险池
S-090g
lessons_writer
审计经验总结

QC — 独立质检(2 Agents)

Agent
职责
qc_dispatcher
质检任务分发
quality_checker
质量校验(含 Mini-Researcher + 图记忆专项)

前置要求

  • Docker + Docker Compose(必需)
  • Claude Code(v2.1.87+)
  • tmux(可选,分屏查看并行 Agent)

注意: 本项目自带完整的多 Agent 编排(phases + teams + skills),无需依赖 Claude Code 的 Agent Teams 实验特性。如使用第三方 API(如智谱 glm-5),建议关闭 Agent Teams 以避免模型不兼容问题。


安装与使用

1. 准备环境

ounter(lineounter(linedocker --versiondocker compose version

2. 配置 Skill

将本仓库整体放入 Claude Code 的 skills 目录,或作为项目级 .github/skills/PHP_AUDIT_SKILLS/ 使用。

3. 一键启动审计

ounter(line/php-audit-skills /path/to/php-project

系统将自动执行 6 阶段全链路审计,最终输出完整报告和 PoC。


目录结构

ounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(linePHP_AUDIT_SKILLS/├── SKILL.md                          # 主调度器(Skill 入口)├── README.md                         # 本文档├── 全链路详细流程.md                    # 完整执行流程图(文字版)├── phases/                           # 阶段执行模板(7 个)│   ├── phase1-env.md                 #   环境智能识别与构建│   ├── phase2-recon.md               #   静态资产侦察│   ├── phase2-tasks-dynamic.md       #   动态侦察任务创建│   ├── phase3-trace.md               #   鉴权模拟与动态追踪│   ├── phase4-exploit.md             #   深度对抗审计│   ├── phase45-post.md               #   后渗透智能分析│   └── phase5-report.md              #   清理与报告收口├── teams/                            # Agent 指令文件(40+ Agents)│   ├── team1/                        #   环境构建(3)│   │   ├── docker_builder.md│   │   ├── env_detective.md│   │   └── schema_reconstructor.md│   ├── team2/                        #   静态侦察(5 dispatchers; scanners in skills/scanners/)│   │   ├── route_mapper.md│   │   ├── auth_auditor.md│   │   ├── dep_scanner.md│   │   ├── context_extractor.md│   │   └── risk_classifier.md│   ├── team3/                        #   动态追踪(3+N)│   │   ├── auth_simulator.md│   │   ├── trace_dispatcher.md│   │   └── trace_worker.md│   ├── team4/                        #   漏洞审计(21+1)│   │   ├── rce_auditor.md│   │   ├── sqli_auditor.md│   │   ├── xss_ssti_auditor.md│   │   ├── lfi_auditor.md│   │   ├── filewrite_auditor.md│   │   ├── ssrf_auditor.md│   │   ├── xxe_auditor.md│   │   ├── deserial_auditor.md│   │   ├── crlf_auditor.md│   │   ├── csrf_auditor.md│   │   ├── authz_auditor.md│   │   ├── session_auditor.md│   │   ├── crypto_auditor.md│   │   ├── race_condition_auditor.md│   │   ├── nosql_auditor.md│   │   ├── ldap_auditor.md│   │   ├── infoleak_auditor.md│   │   ├── logging_auditor.md│   │   ├── config_auditor.md│   │   ├── wordpress_auditor.md│   │   ├── business_logic_auditor.md│   │   └── mini_researcher.md│   ├── team4.5/                      #   后渗透分析(4)│   │   ├── attack_graph_builder.md│   │   ├── correlation_engine.md│   │   ├── poc_generator.md│   │   └── remediation_generator.md│   ├── team5/                        #   报告收口(3)│   │   ├── report_writer.md│   │   ├── sarif_exporter.md│   │   └── env_cleaner.md│   └── qc/                           #   质检(2)│       ├── qc_dispatcher.md│       └── quality_checker.md├── shared/                           # 共享知识库(25 个)│   ├── anti_hallucination.md         #   反幻觉规则│   ├── attack_chains.md              #   攻击链模式│   ├── attack_memory.md              #   攻击记忆系统(扁平 + 关系型)│   ├── attack_memory_graph.md        #   关系型图记忆模型│   ├── auditor_self_check.md         #   审计员自检清单│   ├── context_compression.md        #   上下文压缩策略│   ├── data_contracts.md             #   数据合约(引用 schemas/)│   ├── docker_snapshot.md            #   Docker 快照管理│   ├── env_selfheal.md               #   环境自愈策略│   ├── error_recovery.md             #   错误恢复指南(5 种场景)│   ├── evidence_contract.md          #   证据采集标准│   ├── false_positive_patterns.md    #   误报模式库│   ├── framework_patterns.md         #   PHP 框架特征模式│   ├── known_cves.md                 #   PHP 生态 CVE 速查│   ├── lessons_learned.md            #   实战经验库│   ├── output_standard.md            #   输出标准规范│   ├── OUTPUT_TEMPLATE.md            #   标准输出模板│   ├── payload_templates.md          #   常用 Payload 模板│   ├── php_specific_patterns.md      #   PHP 特有攻击模式│   ├── pivot_strategy.md             #   Pivot 转向策略│   ├── realtime_sharing.md           #   实时数据共享 + 图节点桥接│   ├── second_order.md               #   二阶漏洞模式│   ├── severity_rating.md            #   严重程度评级体系│   ├── sink_definitions.md           #   Sink 函数定义│   └── waf_bypass.md                 #   WAF 检测与绕过├── schemas/                          # JSON Schema(30 个)│   ├── attack_graph.schema.json│   ├── attack_memory_entry.schema.json│   ├── auth_credentials.schema.json│   ├── auth_gap_report.schema.json│   ├── auth_matrix.schema.json│   ├── business_logic_result.schema.json│   ├── context_pack.schema.json│   ├── correlation_report.schema.json│   ├── credentials.schema.json│   ├── crypto_audit_result.schema.json│   ├── dep_risk.schema.json│   ├── environment_status.schema.json│   ├── exploit_plan.schema.json│   ├── exploit_result.schema.json│   ├── nosql_result.schema.json│   ├── poc_summary.schema.json│   ├── priority_queue.schema.json│   ├── race_condition_result.schema.json│   ├── remediation_summary.schema.json│   ├── research_result.schema.json│   ├── route_map.schema.json│   ├── shared_findings.schema.json│   ├── team4_progress.schema.json│   ├── trace_record.schema.json│   └── wordpress_result.schema.json├── references/                       # 参考文档(9 个)│   ├── agent_injection_framework.md  #   Agent 注入框架(L1/L2/L3)│   ├── phase1_environment.md│   ├── phase2_recon.md│   ├── phase3_tracing.md│   ├── phase4_attack_logic.md        #   攻击逻辑 + Mini-Researcher 委派│   ├── phase4_5_correlation.md│   ├── phase5_reporting.md│   ├── pipeline_view.md              #   端到端流水线视图│   └── quality_check_templates.md    #   QC 模板(含图记忆 + 研究员检查)├── tools/                            # 辅助工具(12 个)│   ├── audit_db.sh                   #   数据库操作(889 行,含图记忆命令)│   ├── audit_monitor.sh              #   审计监控│   ├── sink_finder.php               #   AST Sink 扫描器│   ├── trace_filter.php              #   Xdebug Trace 过滤器│   ├── payload_encoder.php           #   Payload 编码器│   ├── waf_detector.php              #   WAF 指纹识别│   ├── jwt_tester.php                #   JWT 安全测试│   ├── type_juggling_tester.php      #   PHP 类型混淆测试│   ├── redirect_checker.php          #   开放重定向检测│   ├── validate_shared.php           #   shared/ 目录校验│   ├── vuln_intel.sh                 #   漏洞情报收集│   └── quality_report_gen.sh         #   QC 报告生成├── templates/                        # 环境模板│   ├── .env.template│   ├── Dockerfile.template│   ├── docker-compose.template.yml│   ├── xdebug.ini.template│   └── nginx/                        #   Nginx 框架适配配置│       ├── default.conf│       ├── laravel.conf│       ├── symfony.conf│       ├── thinkphp.conf│       ├── wordpress.conf│       └── yii2.conf├── assets/                           # 可视化资源│   ├── PHP_AUDIT_SKILLS-pipeline.png│   ├── php-audit-skills-workflow.png│   ├── php-audit-skills-workflow.svg│   └── workflow.mmd├── agent-flow.mmd                    # Agent 执行流程图(Mermaid)└── audit-flow.mmd                    # 审计流程图(Mermaid)

辅助工具详解

工具
用途
用法
使用阶段
audit_db.sh
SQLite 数据库操作(攻击记忆/发现/质检/图记忆)
bash audit_db.sh <command> [args]
全阶段
sink_finder.php
AST Sink 扫描器
php sink_finder.php <目标目录>
Phase-2
trace_filter.php
Xdebug Trace 精简过滤器
php trace_filter.php <trace_file> [sinks]
Phase-3
payload_encoder.php
Payload 编码(URL/Base64/Hex/双重等)
php payload_encoder.php <payload> <type>
Phase-4
waf_detector.php
WAF/过滤器指纹识别
php waf_detector.php <base_url> [cookie]
Phase-4
jwt_tester.php
JWT 安全测试
php jwt_tester.php <token> [pubkey]
Phase-4
type_juggling_tester.php
PHP 类型混淆松散比较测试
php type_juggling_tester.php <url> [param]
Phase-4
redirect_checker.php
开放重定向检测
php redirect_checker.php <url> [param]
Phase-4
vuln_intel.sh
漏洞情报收集(NVD/GitHub Advisory)
bash vuln_intel.sh <component> <version>
Phase-4
audit_monitor.sh
审计进度实时监控
bash audit_monitor.sh <WORK_DIR>
全阶段
quality_report_gen.sh
QC 报告汇总生成
bash quality_report_gen.sh <WORK_DIR>
Phase-5
validate_shared.php
shared/ 目录完整性校验
php validate_shared.php [shared_dir]
开发/维护

audit_db.sh 命令速查

ounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(line# 攻击记忆bash audit_db.sh init-memory                     # 初始化(自动含图记忆)bash audit_db.sh memory-write '<json>'            # 写入攻击经验bash audit_db.sh memory-query '<json>'            # 查询匹配经验bash audit_db.sh memory-stats                     # 记忆库统计bash audit_db.sh memory-maintain                  # 清理过期记忆# 图记忆bash audit_db.sh graph-node-write '<json>'        # 写入图节点bash audit_db.sh graph-edge-write '<json>'        # 写入图边bash audit_db.sh graph-neighbors <node_id>        # 查询邻居节点bash audit_db.sh graph-by-data-object <obj>       # 按数据对象查询bash audit_db.sh graph-export <WORK_DIR>          # 导出完整图数据# 发现管理bash audit_db.sh finding-write '<json>'           # 写入发现bash audit_db.sh finding-read [sink_id]           # 读取发现bash audit_db.sh finding-consume <sink_id>        # 消费发现# 质检bash audit_db.sh qc-write '<json>'                # 写入质检记录bash audit_db.sh qc-read [phase]                  # 读取质检记录

输出产物

审计完成后,$WORK_DIR/ 目录结构:

ounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(line$WORK_DIR/├── 报告/   ├── 审计报告.md               全中文单文件报告(含目录/执行摘要/漏洞详情/Context Pack/Burp/攻击链/覆盖率/风险池/经验总结)   └── audit_report.sarif.json   SARIF 2.1.0(可导入 GitHub/VS Code)├── PoC脚本/   ├── poc_{sink_id}.py          每个漏洞的 PoC   └── 一键运行.sh               批量执行├── 修复补丁/   └── {finding_id}.patch        框架适配修复├── 经验沉淀/   ├── lessons_learned.md        绕过技巧/失败教训/新模式   └── 共享文件更新建议.md├── 质量报告/   └── 质量报告.md└── 原始数据/                     中间产物归档    ├── exploits/, traces/, context_packs/    ├── attack_graph.json, correlation_report.json    └── checkpoint.json

审计报告内容结构

ounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(line审计报告.md├── # 封面(项目元数据 + CVSS可视化进度条)├── 📖 目录(7章锚点导航)├── 执行摘要(整体风险等级 + 关键发现 + 审计范围)├── 漏洞汇总表(CVSS进度条 + AI验证徽章)├── 漏洞详情 ×N   ├── 📋 漏洞信息卡(等级/类型/路由/Sink/鉴权/优先级)   ├── 📦 上下文包(入口调用链Sink + 中间件 + 过滤器 + 认证绕过)   ├── 🔗 Mermaid 攻击链   ├── 📊 数据流追踪(SourceSink + file:line)   ├── 🔫 Burp 复现模板(请求 + 响应)   ├── ⚔️ 攻击迭代记录   └── 🔧 修复方案(修复前 vs 修复后)├── 联合攻击链分析(Mermaid + 步骤表)├── 审计覆盖率统计(路由/优先级/审计器状态)├── 待补证风险池(降级原因 + 复验建议)├── 审计经验总结(框架特征/绕过手法/踩坑/建议)└── 📋 页脚(版本 + 时间 + 工具)

Gate 门禁与 QC 策略

Gate 强制验收

Gate
校验条件
GATE-1
environment_status.json
 存在
GATE-2
priority_queue.json
 + context_packs/ 存在
GATE-3
credentials.json
 存在
GATE-4
exploits/*.json
 存在
GATE-4.5
PoC脚本/*.py
 存在

QC 降级策略

阶段
质检不通过处理
Phase-1
发回重做(最多 3 次),自愈循环/用户介入
Phase-2
定位责任 Agent 补充,标注覆盖率继续
Phase-3
断链路由退回静态分析,不阻塞
Phase-4
降级标注,不阻塞报告

演示效果

PHP_AUDIT_SKILLS Pipeline
📋 点击展开完整执行流程图(文字版)

完整流程详见 全链路详细流程.md

ounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(lineounter(line输入: /php-audit-skills <目标路径>  ↓前置检查: Docker → 路径验证 → WORK_DIR → 断点续审 → 增量审计  ↓Phase 1: env-detective ∥ schema-reconstructor → docker-builder → QC  ↓Phase 2: scanners ×7 ∥ route-mapper ∥ auth-auditor ∥ dep-scanner         → context-extractor → risk-classifier → QC → 动态创建 Phase-4 任务  ↓Phase 3: auth-simulator → trace-dispatcher → trace-worker×N → QC  ↓Phase 4: Step1 并行分析(21 专家) → Step2 串行攻击(8 轮循环 + Pivot)         → 攻击记忆写入 → QC(完成一个校验一个)  ↓Phase 4.5: attack-graph-builder ∥ correlation-engine           → poc-generator ∥ remediation-generator  ↓Phase 5: env-cleaner ∥ report-writer ∥ sarif-exporter → 最终 QC  ↓输出: 报告/审计报告.md + 报告/audit_report.sarif.json + PoC脚本/ + 修复补丁/ + 经验沉淀/ + 质量报告/

知识注入架构(Agent Injection Framework)

Agent 启动时按层级注入共享知识:

层级
注入时机
内容
L1(强制)
所有 Agent 启动
anti_hallucination.md
evidence_contract.mddata_contracts.mdoutput_standard.md
L2(角色相关)
Phase-4 专家启动
sink_definitions.md
payload_templates.mdattack_memory.mdattack_memory_graph.mdwaf_bypass.md 等 16 个
L3(按需)
运行时触发条件
lessons_learned.md
mini_researcher.md

最佳实践

  1. 完整源码审计 — 提供完整项目源码目录,减少漏报
  2. 保留 Docker 环境 — 便于复现验证与物理证据采集
  3. Gate + Schema 校验 — 交付前确认产物完整性
  4. 分级修复 — confirmed 优先修复,suspected 人工复核
  5. 攻击记忆复用 — 保留 /tmp/<项目名>/attack_memory.db,积累跨项目经验

项目统计

类别
数量
Skill 文件(skills/
121(111 skill + 10 index)
漏洞审计员(2-Stage)
21 types × 2 = 42 files
Skills 子目录
10
JSON Schema
30 个(251 string 字段全约束)
共享知识库(shared/
28 个
阶段定义
7 个
参考文档
9 个
辅助工具
12 个
环境模板
10 个
报告 Chapter Writers
7 个
可控性约束
530+ 项(4 轮深度优化)
Markdown 文件总计
210+ 个

许可证

本项目仅供安全研究和学习使用。请在授权范围内对目标系统进行审计。

最新文章

随机文章

基本 文件 流程 错误 SQL 调试
  1. 请求信息 : 2026-07-03 15:21:05 HTTP/2.0 GET : https://f.mffb.com.cn/a/492292.html
  2. 运行时间 : 0.103299s [ 吞吐率:9.68req/s ] 内存消耗:5,015.76kb 文件加载:140
  3. 缓存信息 : 0 reads,0 writes
  4. 会话信息 : SESSION_ID=edde4f96d5a839eac812350ff0ae3086
  1. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/public/index.php ( 0.79 KB )
  2. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/autoload.php ( 0.17 KB )
  3. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/composer/autoload_real.php ( 2.49 KB )
  4. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/composer/platform_check.php ( 0.90 KB )
  5. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/composer/ClassLoader.php ( 14.03 KB )
  6. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/composer/autoload_static.php ( 4.90 KB )
  7. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-helper/src/helper.php ( 8.34 KB )
  8. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-validate/src/helper.php ( 2.19 KB )
  9. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/helper.php ( 1.47 KB )
  10. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/stubs/load_stubs.php ( 0.16 KB )
  11. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/Exception.php ( 1.69 KB )
  12. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-container/src/Facade.php ( 2.71 KB )
  13. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/symfony/deprecation-contracts/function.php ( 0.99 KB )
  14. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/symfony/polyfill-mbstring/bootstrap.php ( 8.26 KB )
  15. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/symfony/polyfill-mbstring/bootstrap80.php ( 9.78 KB )
  16. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/symfony/var-dumper/Resources/functions/dump.php ( 1.49 KB )
  17. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-dumper/src/helper.php ( 0.18 KB )
  18. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/symfony/var-dumper/VarDumper.php ( 4.30 KB )
  19. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/App.php ( 15.30 KB )
  20. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-container/src/Container.php ( 15.76 KB )
  21. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/psr/container/src/ContainerInterface.php ( 1.02 KB )
  22. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/app/provider.php ( 0.19 KB )
  23. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/Http.php ( 6.04 KB )
  24. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-helper/src/helper/Str.php ( 7.29 KB )
  25. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/Env.php ( 4.68 KB )
  26. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/app/common.php ( 0.03 KB )
  27. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/helper.php ( 18.78 KB )
  28. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/Config.php ( 5.54 KB )
  29. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/config/app.php ( 0.95 KB )
  30. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/config/cache.php ( 0.78 KB )
  31. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/config/console.php ( 0.23 KB )
  32. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/config/cookie.php ( 0.56 KB )
  33. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/config/database.php ( 2.48 KB )
  34. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/facade/Env.php ( 1.67 KB )
  35. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/config/filesystem.php ( 0.61 KB )
  36. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/config/lang.php ( 0.91 KB )
  37. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/config/log.php ( 1.35 KB )
  38. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/config/middleware.php ( 0.19 KB )
  39. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/config/route.php ( 1.89 KB )
  40. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/config/session.php ( 0.57 KB )
  41. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/config/trace.php ( 0.34 KB )
  42. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/config/view.php ( 0.82 KB )
  43. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/app/event.php ( 0.25 KB )
  44. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/Event.php ( 7.67 KB )
  45. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/app/service.php ( 0.13 KB )
  46. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/app/AppService.php ( 0.26 KB )
  47. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/Service.php ( 1.64 KB )
  48. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/Lang.php ( 7.35 KB )
  49. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/lang/zh-cn.php ( 13.70 KB )
  50. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/initializer/Error.php ( 3.31 KB )
  51. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/initializer/RegisterService.php ( 1.33 KB )
  52. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/services.php ( 0.14 KB )
  53. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/service/PaginatorService.php ( 1.52 KB )
  54. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/service/ValidateService.php ( 0.99 KB )
  55. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/service/ModelService.php ( 2.04 KB )
  56. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-trace/src/Service.php ( 0.77 KB )
  57. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/Middleware.php ( 6.72 KB )
  58. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/initializer/BootService.php ( 0.77 KB )
  59. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/Paginator.php ( 11.86 KB )
  60. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-validate/src/Validate.php ( 63.20 KB )
  61. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/Model.php ( 23.55 KB )
  62. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/model/concern/Attribute.php ( 21.05 KB )
  63. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/model/concern/AutoWriteData.php ( 4.21 KB )
  64. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/model/concern/Conversion.php ( 6.44 KB )
  65. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/model/concern/DbConnect.php ( 5.16 KB )
  66. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/model/concern/ModelEvent.php ( 2.33 KB )
  67. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/model/concern/RelationShip.php ( 28.29 KB )
  68. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-helper/src/contract/Arrayable.php ( 0.09 KB )
  69. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-helper/src/contract/Jsonable.php ( 0.13 KB )
  70. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/model/contract/Modelable.php ( 0.09 KB )
  71. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/Db.php ( 2.88 KB )
  72. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/DbManager.php ( 8.52 KB )
  73. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/Log.php ( 6.28 KB )
  74. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/Manager.php ( 3.92 KB )
  75. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/psr/log/src/LoggerTrait.php ( 2.69 KB )
  76. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/psr/log/src/LoggerInterface.php ( 2.71 KB )
  77. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/Cache.php ( 4.92 KB )
  78. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/psr/simple-cache/src/CacheInterface.php ( 4.71 KB )
  79. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-helper/src/helper/Arr.php ( 16.63 KB )
  80. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/cache/driver/File.php ( 7.84 KB )
  81. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/cache/Driver.php ( 9.03 KB )
  82. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/contract/CacheHandlerInterface.php ( 1.99 KB )
  83. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/app/Request.php ( 0.09 KB )
  84. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/Request.php ( 55.78 KB )
  85. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/app/middleware.php ( 0.25 KB )
  86. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/Pipeline.php ( 2.61 KB )
  87. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-trace/src/TraceDebug.php ( 3.40 KB )
  88. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/middleware/SessionInit.php ( 1.94 KB )
  89. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/Session.php ( 1.80 KB )
  90. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/session/driver/File.php ( 6.27 KB )
  91. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/contract/SessionHandlerInterface.php ( 0.87 KB )
  92. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/session/Store.php ( 7.12 KB )
  93. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/Route.php ( 23.73 KB )
  94. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/route/RuleName.php ( 5.75 KB )
  95. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/route/Domain.php ( 2.53 KB )
  96. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/route/RuleGroup.php ( 22.43 KB )
  97. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/route/Rule.php ( 26.95 KB )
  98. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/route/RuleItem.php ( 9.78 KB )
  99. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/route/app.php ( 1.72 KB )
  100. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/facade/Route.php ( 4.70 KB )
  101. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/route/dispatch/Controller.php ( 4.74 KB )
  102. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/route/Dispatch.php ( 10.44 KB )
  103. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/app/controller/Index.php ( 4.81 KB )
  104. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/app/BaseController.php ( 2.05 KB )
  105. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/facade/Db.php ( 0.93 KB )
  106. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/db/connector/Mysql.php ( 5.44 KB )
  107. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/db/PDOConnection.php ( 52.47 KB )
  108. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/db/Connection.php ( 8.39 KB )
  109. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/db/ConnectionInterface.php ( 4.57 KB )
  110. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/db/builder/Mysql.php ( 16.58 KB )
  111. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/db/Builder.php ( 24.06 KB )
  112. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/db/BaseBuilder.php ( 27.50 KB )
  113. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/db/Query.php ( 15.71 KB )
  114. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/db/BaseQuery.php ( 45.13 KB )
  115. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/db/concern/TimeFieldQuery.php ( 7.43 KB )
  116. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/db/concern/AggregateQuery.php ( 3.26 KB )
  117. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/db/concern/ModelRelationQuery.php ( 20.07 KB )
  118. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/db/concern/ParamsBind.php ( 3.66 KB )
  119. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/db/concern/ResultOperation.php ( 7.01 KB )
  120. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/db/concern/WhereQuery.php ( 19.37 KB )
  121. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/db/concern/JoinAndViewQuery.php ( 7.11 KB )
  122. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/db/concern/TableFieldInfo.php ( 2.63 KB )
  123. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-orm/src/db/concern/Transaction.php ( 2.77 KB )
  124. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/log/driver/File.php ( 5.96 KB )
  125. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/contract/LogHandlerInterface.php ( 0.86 KB )
  126. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/log/Channel.php ( 3.89 KB )
  127. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/event/LogRecord.php ( 1.02 KB )
  128. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-helper/src/Collection.php ( 16.47 KB )
  129. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/facade/View.php ( 1.70 KB )
  130. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/View.php ( 4.39 KB )
  131. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/Response.php ( 8.81 KB )
  132. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/response/View.php ( 3.29 KB )
  133. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/Cookie.php ( 6.06 KB )
  134. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-view/src/Think.php ( 8.38 KB )
  135. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/framework/src/think/contract/TemplateHandlerInterface.php ( 1.60 KB )
  136. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-template/src/Template.php ( 46.61 KB )
  137. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-template/src/template/driver/File.php ( 2.41 KB )
  138. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-template/src/template/contract/DriverInterface.php ( 0.86 KB )
  139. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/runtime/temp/067d451b9a0c665040f3f1bdd3293d68.php ( 11.98 KB )
  140. /yingpanguazai/ssd/ssd1/www/f.mffb.com.cn/vendor/topthink/think-trace/src/Html.php ( 4.42 KB )
  1. CONNECT:[ UseTime:0.000580s ] mysql:host=127.0.0.1;port=3306;dbname=f_mffb;charset=utf8mb4
  2. SHOW FULL COLUMNS FROM `fenlei` [ RunTime:0.000894s ]
  3. SELECT * FROM `fenlei` WHERE `fid` = 0 [ RunTime:0.000374s ]
  4. SELECT * FROM `fenlei` WHERE `fid` = 63 [ RunTime:0.000338s ]
  5. SHOW FULL COLUMNS FROM `set` [ RunTime:0.000507s ]
  6. SELECT * FROM `set` [ RunTime:0.000237s ]
  7. SHOW FULL COLUMNS FROM `article` [ RunTime:0.000709s ]
  8. SELECT * FROM `article` WHERE `id` = 492292 LIMIT 1 [ RunTime:0.000867s ]
  9. UPDATE `article` SET `lasttime` = 1783063265 WHERE `id` = 492292 [ RunTime:0.016980s ]
  10. SELECT * FROM `fenlei` WHERE `id` = 64 LIMIT 1 [ RunTime:0.000346s ]
  11. SELECT * FROM `article` WHERE `id` < 492292 ORDER BY `id` DESC LIMIT 1 [ RunTime:0.000525s ]
  12. SELECT * FROM `article` WHERE `id` > 492292 ORDER BY `id` ASC LIMIT 1 [ RunTime:0.000408s ]
  13. SELECT * FROM `article` WHERE `id` < 492292 ORDER BY `id` DESC LIMIT 10 [ RunTime:0.001048s ]
  14. SELECT * FROM `article` WHERE `id` < 492292 ORDER BY `id` DESC LIMIT 10,10 [ RunTime:0.003795s ]
  15. SELECT * FROM `article` WHERE `id` < 492292 ORDER BY `id` DESC LIMIT 20,10 [ RunTime:0.006816s ]
0.104876s