#javascript

JS-Tap
JS-Tap

JavaScript payload and supporting software to be used as XSS payload or post exploitation implant.

nodejsscan
nodejsscan

A static security code scanner for Node.js applications.

UglifyJS
UglifyJS

A JavaScript parser, minifier, compressor and beautifier toolkit.

MapperPlus
MapperPlus

An advanced source map extractor based on headless browser.

pmd
pmd

An extensible multilanguage static code analyzer.

sourcemapper
sourcemapper

Extract JavaScript source trees from source map files.

jsluice
jsluice

Extract URLs, paths, secrets, and other interesting bits from JavaScript.

jswzl
jswzl

Improve your web application aecurity testing with rich data from static analysis.

Frida
Frida

Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.

subjs
subjs

Fetches javascript file from a list of URLS or subdomains.

endext
endext

A tool for extracting all the possible endpoints from the JS files.

jsleak
jsleak

Find secrets, paths or links in the source code.

SecretFinder
SecretFinder

SecretFinder is a script based on LinkFinder, written to find sensitive data in JavaScript files.

JSpector
JSpector

Burp Suite extension to crawl JS files in passive mode and display the results on the issues.

jsfinder
jsfinder

Fetches JavaScript files quickly and comprehensively from a defined list of URLs or domains.

Aranea
Aranea

OSINT tool used for web crawling or examining JavaScript files for likely useful data.

Photon
Photon

Incredibly fast crawler designed for OSINT.

Dangerous Methods
Dangerous Methods

A Burp Suite extension for finding the use of potentially dangerous methods/functions.

JSgen
JSgen

Generate javascript code to be injected in case you find a Server Side Javascript Injection.

Injectify
Injectify

Perform advanced MiTM attacks on websites with ease.

BurpBeautifier
BurpBeautifier

Burpsuite extension for beautifying request/response body.

JSShell
JSShell

An interactive multi-user web JS shell.

BurpJSLinkFinder
BurpJSLinkFinder

Burp Extension for a passive scanning JS files for endpoint links.

linx
linx

Reveals invisible links within JavaScript files.

getJS
getJS

A tool to fastly get all javascript sources/files.

GoLinkFinder
GoLinkFinder

A fast and minimal JS endpoint extractor.

JS-Scan
JS-Scan

A .js scanner, built in PHP, designed to scrape urls and other info.

Retire.js
Retire.js

Detects the use of JavaScript libraries with known vulnerabilities.