#javascript

jsluice on offsec.tools
jsluice

Extract URLs, paths, secrets, and other interesting bits from JavaScript.

#directories   #endpoints   #javascript   #secrets  

jswzl on offsec.tools
jswzl

Improve your web application aecurity testing with rich data from static analysis.

#codeanalysis   #javascript  

Frida on offsec.tools
Frida

Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.

#codeanalysis   #javascript   #mobile   #reverse-engineering   #toolkit  

subjs on offsec.tools
subjs

Fetches javascript file from a list of URLS or subdomains.

#endpoints   #javascript   #secrets  

endext on offsec.tools
endext

A tool for extracting all the possible endpoints from the JS files.

#endpoints   #javascript   #regexp  

jsleak on offsec.tools
jsleak

Find secrets, paths or links in the source code.

#endpoints   #javascript   #secrets  

SecretFinder on offsec.tools
SecretFinder

SecretFinder is a script based on LinkFinder, written to find sensitive data in JavaScript files.

#javascript   #parser   #regexp   #secrets  

JSpector on offsec.tools
JSpector

Burp Suite extension to crawl JS files in passive mode and display the results on the issues.

#burpsuite   #endpoints   #javascript   #parser   #regexp  

jsfinder on offsec.tools
jsfinder

Fetches JavaScript files quickly and comprehensively from a defined list of URLs or domains.

#crawler   #endpoints   #javascript  

Aranea on offsec.tools
Aranea

OSINT tool used for web crawling or examining JavaScript files for likely useful data.

#crawler   #endpoints   #javascript   #regexp   #secrets  

Photon on offsec.tools
Photon

Incredibly fast crawler designed for OSINT.

#crawler   #endpoints   #files   #javascript   #osint   #secrets   #subdomains   #webarchives  

Dangerous Methods on offsec.tools
Dangerous Methods

A Burp Suite extension for finding the use of potentially dangerous methods/functions.

#angular   #burpsuite   #javascript   #jquery   #react   #vuejs  

JSgen on offsec.tools
JSgen

Generate javascript code to be injected in case you find a Server Side Javascript Injection.

#javascript   #payloads   #shell   #ssji   #vulnerabilities  

Injectify on offsec.tools
Injectify

Perform advanced MiTM attacks on websites with ease.

#javascript   #mitm   #shell   #xss  

BurpBeautifier on offsec.tools
BurpBeautifier

Burpsuite extension for beautifying request/response body.

#burpsuite   #html   #javascript   #json   #xml  

JSShell on offsec.tools
JSShell

An interactive multi-user web JS shell.

#exploits   #javascript   #shell   #xss  

BurpJSLinkFinder on offsec.tools
BurpJSLinkFinder

Burp Extension for a passive scanning JS files for endpoint links.

#burpsuite   #endpoints   #javascript  

linx on offsec.tools
linx

Reveals invisible links within JavaScript files.

#endpoints   #javascript  

getJS on offsec.tools
getJS

A tool to fastly get all javascript sources/files.

#javascript  

GoLinkFinder on offsec.tools
GoLinkFinder

A fast and minimal JS endpoint extractor.

#endpoints   #javascript  

JS-Scan on offsec.tools
JS-Scan

A .js scanner, built in PHP, designed to scrape urls and other info.

#endpoints   #javascript   #secrets  

Retire.js on offsec.tools
Retire.js

Detects the use of JavaScript libraries with known vulnerabilities.

#burpsuite   #cves   #fingerprint   #javascript   #scanner  

Wappalyzer on offsec.tools
Wappalyzer

Identify technology on websites.

#cms   #framework   #javascript   #technologies