Anything Analyzer

Overview#

Anything Analyzer is an all-in-one protocol analysis desktop application designed for developers and security researchers. It achieves full-scenario traffic capture — from web pages, mobile devices, terminal scripts to microservice calls — through a built-in CDP-based browser and a node-forge-based MITM HTTPS proxy, addressing the lack of automation and AI assistance in traditional packet capture tools when dealing with modern web encryption and JS reverse engineering.

Core Capabilities#

Full-Scenario Traffic Capture#

• Embedded Browser Capture: CDP-based built-in browser for direct website interaction and network request capture
• MITM HTTPS Proxy: Built-in proxy (default port 8888, node-forge TLS) supporting system/manual/Wi-Fi proxy modes
• Unified Session Management: Requests from browsers, desktop apps, terminals, scripts, and mobile/IoT devices merge into a single session
• CA Certificate Management: Built-in certificate download page (similar to mitmproxy's mitm.it), auto-detecting iOS/Android/desktop for guided installation

AI-Powered Analysis Engine#

• Two-Phase Analysis: Phase 1 intelligently filters noise requests → Phase 2 focuses on deep analysis
• 5 Analysis Modes: Auto-detect / API Reverse Engineering / Security Audit / Performance Analysis / JS Crypto Reverse Engineering
• JS Hook Injection: Auto-intercepts fetch, XHR, crypto.subtle, CryptoJS, SM2/3/4 and other crypto calls
• Crypto Code Extraction: Automatically extracts encryption-related code snippets from JS files
• Streaming Output + Multi-Turn Follow-up: Real-time streaming analysis reports with support for detailed follow-up questions
• LLM Support: Compatible with OpenAI / Anthropic / any compatible API (Chat Completions + Responses API)

MCP Ecosystem Integration#

• Built-in MCP Server: Exposes capture and analysis capabilities as MCP tools, directly callable by Claude Desktop, Cursor and other AI IDEs
• MCP Client: Connects to external MCP Servers (stdio + StreamableHTTP) to extend AI analysis capabilities

Auxiliary Features#

• Interaction Recording (v3.6.2+): Records clicks, input, scrolling, mouse movement trajectories with full selector and attribute viewing
• Fingerprint Spoofing and WebSocket Proxy Support (v3.6.3+)
• Bilingual Interface (Chinese/English) + Theme Switching
• Auto-update (macOS signed and notarized)

Typical Use Cases#

Architecture#

• App Framework: Electron 35 + electron-vite
• Frontend: React 19 + Ant Design 5 + TypeScript (89.6%) + CSS (10.4%)
• Data Storage: better-sqlite3 (local SQLite)
• Protocol & Proxy: Chrome DevTools Protocol (CDP) + built-in MITM HTTPS proxy (node-forge TLS)
• AI Integration: OpenAI / Anthropic / Custom LLM + MCP (stdio + StreamableHTTP)
• Engineering: Vitest testing framework + electron-builder cross-platform packaging

Installation & Usage#

Direct Install: Download platform-specific installers from GitHub Releases (Windows .exe, macOS .dmg for Apple Silicon/Intel, Linux .AppImage).

Build from Source:

git clone https://github.com/MouseWW/anything-analyzer.git
cd anything-analyzer
pnpm install
pnpm dev        # Dev mode
pnpm test       # Run tests
pnpm build && npx electron-builder --win

Requirements: Node.js >= 18, pnpm, Visual Studio Build Tools (Windows)

Proxy Configuration Examples:

# Terminal
curl -x http://127.0.0.1:8888 https://api.example.com/data
# Python
proxies = {"http": "http://127.0.0.1:8888", "https": "http://127.0.0.1:8888"}
requests.get("https://api.example.com/data", proxies=proxies)
# Node.js
HTTP_PROXY=http://127.0.0.1:8888 HTTPS_PROXY=http://127.0.0.1:8888 node app.js

Mobile Configuration: Wi-Fi Settings → HTTP Proxy → Manual → Enter computer IP + port 8888, then visit http://cert.anything.test to download and install the CA certificate.

Version Info#

• Latest release: v3.6.6 (marked as Latest on GitHub Releases)
• v3.6.7 recorded in RELEASE_NOTES.md, possibly in release process
• Total commits: 107, contributors: 8, tags: 34
• MIT open source license