Releases: chushuai/wscan

1.0.40

06 Jan 17:38

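New features:

Optimized the time-based blind injection detection logic, introducing three-step verification and standard-deviation filtering.
Details:
Accuracy: the previous fixed verification is replaced with a three-step delay verification at 2s/4s/8s, ensuring that the response time grows linearly with the payload and effectively ruling out interference from fixed slow queries.
Noise filtering: introduces the statistical standard deviation and adds an avg + 3*stdDev (3-sigma) decision threshold, which adapts automatically to network environments of varying quality and suppresses false positives caused by network jitter.
Structural refactoring: the TimeBasedDetectionStatInfo structure is updated, replacing the fixed verification fields with a dynamic Steps slice that can record multiple rounds of verification data.
Regression test: before a vulnerability is reported, the original request is re-sent as a recovery check, ruling out interference from transient fluctuations in overall server load.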
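
The three checks in the 1.0.40 notes (3-sigma threshold, delay that grows with the requested step, recovery of the original request), sketched as a decision function over already-measured response times. This is an added example, not wscan's code: the `Step` type, `Confirmed`, the 25% slack and the sample timings are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"math"
)

// Step is one verification round in seconds: delay requested vs. response time observed.
type Step struct{ Requested, Observed float64 }

// meanStd returns the mean and population standard deviation of the baseline timings.
func meanStd(xs []float64) (avg, std float64) {
	for _, x := range xs {
		avg += x
	}
	avg /= float64(len(xs))
	for _, x := range xs {
		std += (x - avg) * (x - avg)
	}
	return avg, math.Sqrt(std / float64(len(xs)))
}

// Confirmed reports whether the timings support a finding, with the reason if not.
func Confirmed(baseline []float64, steps []Step, recovery float64) (bool, string) {
	if len(baseline) < 2 || len(steps) == 0 {
		return false, "not enough samples"
	}
	avg, std := meanStd(baseline)
	threshold := avg + 3*std // 3-sigma noise ceiling, as in the release notes
	for _, s := range steps {
		if s.Observed <= threshold {
			return false, fmt.Sprintf("%gs step is within network noise", s.Requested)
		}
		// A fixed slow query adds the same time at every step; a real delay tracks the request.
		if math.Abs(s.Observed-avg-s.Requested) > 0.25*s.Requested+3*std { // 25% slack is assumed
			return false, fmt.Sprintf("%gs step does not track the requested delay", s.Requested)
		}
	}
	if recovery > threshold { // the original request must be fast again
		return false, "original request still slow"
	}
	return true, "confirmed"
}

func main() {
	base := []float64{0.21, 0.19, 0.25, 0.20, 0.22} // constructed timings, seconds
	fmt.Println(Confirmed(base, []Step{{2, 2.2}, {4, 4.3}, {8, 8.1}}, 0.23))
}
```

A response that is slow by the same amount at every step, for example about 5 s at 2s/4s/8s, is rejected at the first step because its extra delay does not match the requested one.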

1.0.39

03 Jan 14:14

New features
[1] Optimize command-line scanning parameters to enable batch scanning for both dynamic and static crawlers.

./wscan  --log-level=debug ws --basic-crawler --url http://testphp.vulnweb.com/ --json-output=wscan_scan_result.json --html-output=wscan_scan_result.html
./wscan  --log-level=debug ws --basic-crawler  --url-file=/wscan/url_file.txt --html-output=wscan_scan_result.html
./wscan  --log-level=debug ws --browser --url  http://testphp.vulnweb.com/ --html-output=wscan_scan_result.html
./wscan  --log-level=debug ws --browser --url-file=/wscan/url_file.txt  --html-output=wscan_scan_result.html
./wscan  --log-level=debug ws --url http://testphp.vulnweb.com/listproducts.php?cat=1  --json-output=wscan_scan_result.json
./wscan  --log-level=debug ws --url-file=/wscan/url_file.txt --html-output=wscan_scan_result.html
./wscan  --log-level=debug ws --poc=/your_wscan_poc/wscan-poc/pocs/* --url http://testphp.vulnweb.com/ --html-output=wscan_scan_result.html

1.0.38

31 Dec 15:35

New features

[1] Added MCP Server Mode
WScan now supports running as an MCP (Model Context Protocol) server, enabling remote task management and website security scanning via standard MCP interfaces—ideal for integration with AI agents or automated pipelines.
The MCP service uses the Streamable HTTP communication protocol, allowing real-time streaming of results during task execution.

Example startup command:

./wscan mcp --mcp-host=0.0.0.0 --mcp-port=7001

Bug Fixes

[1] Fixed Default User-Agent Configuration
Resolved an issue where the default User-Agent was missing or incorrectly formatted, improving compatibility and success rate of scan requests.
[2] Fixed the issue of missed crawls caused by filtering rules.
[3] Fixed the crash caused by malformed URLs in the url-file.

1.0.37

31 Dec 10:38

New features

[1] Added MCP Server Mode
WScan now supports running as an MCP (Model Context Protocol) server, enabling remote task management and website security scanning via standard MCP interfaces—ideal for integration with AI agents or automated pipelines.
The MCP service uses the Streamable HTTP communication protocol, allowing real-time streaming of results during task execution.

Example startup command:

./wscan mcp --mcp-host=0.0.0.0 --mcp-port=7001

Bug Fixes

[1] Fixed Default User-Agent Configuration
Resolved an issue where the default User-Agent was missing or incorrectly formatted, improving compatibility and success rate of scan requests.

1.0.36

19 Jul 17:54

New features
[1] Performance optimizations have been made to the reverse connection platform, improving system response speed and stability.

1.0.35

07 Jul 16:11

New features
[1] Fixed an error that was reported when loading Nuclei plugins

1.0.34

30 Jun 16:52

New features
[1] Added 2 new SQL injection payloads for improved detection coverage
[2] Fixed an issue where cookie injection failed due to missing value encoding
[3] Resolved an array index out-of-bounds vulnerability in path injection handling

1.0.33

29 Jun 17:16

New features
[1] Fix path fuzzing failure caused by extra URL encoding

1.0.32

29 Jun 09:02

New features
[1] Support for HTTP path parameter fuzz testing
[2] Enhanced fuzz testing capabilities for HTTP Headers
[3] Fixed an issue where disabling the fingerprint plugin had no effect

1.0.31

30 Oct 16:23

New features

[1] Support for fuzzing complex JSON and XML requests, such as lists, fields, etc.
[2] Baseline checks are disabled by default, temporarily turned off for optimization.
[3] Headless browser is enabled by default, with the browser window hidden.