jswzl
Improve your web application aecurity testing with rich data from static analysis.
- Instantly find relevant code
jswzl instantly analyses code to find the most relevant expressions in the code, and highlights them for you. Instantly get an overview of the code, and dig into most important parts.
- Fits in with your existing tools
Leverage your existing experience with tools you love.
- Pre-fetch lazy-loaded scripts
Tools like Webpack often split code into chunks, and lazy loads them. jswzl will detect and pre-fetch chunks that are dynamically referenced.
- Unpack packed scripts
Packed scripts can be a pain to work with. But jswzl will unpack packed code into their own logical files, and let you view the original structure of the code.
- Discover & apply source mappings
When a HTTP response contains JavaScript, the jswzl Burp Plugin will attempt to load the .map file, if the source map is not in the file directly. It will then apply the source mapping, making the code more readable.
- Prettify code
Most JavaScript served these days is heavily minified, which is impossible to read. But all code analyzed by jswzl is prettified and consistent in formatting.
- Optimize code
Transpilers and minifiers often create weird code that makes no sense. Sometimes developers do weird things, that can be greatly simplified. jswzl optimizes certain types of codes to make interpretation easier.
- Resolve code references
The analysis engine in jswzl utilizes static analysis to reference variables, in order to better be able to identify expressions of interest, which may not be easily found without the ability to dereference variables.
- Framework agnostic
jswzl doesn't care what frameworks the code uses. Thanks to JavaScript being dynamically typed, the analysis engine relies entirely on heuristics. This means it's not tied specific frameworks.
- Supports common frameworks
But we've ALSO enhanced the engine with the ability to understand code patterns from frameworks like Angular, React, Ext JS, and many other frameworks.