Giter Site home page Giter Site logo

umutcamliyurt / jsrecon Goto Github PK

View Code? Open in Web Editor NEW
7.0 2.0 1.0 29 KB

A powerful tool designed for identifying hidden endpoints and sensitive information within JavaScript files on a website.

License: MIT License

Go 100.00%
endpoint-discovery hacking-tools infosec recon reconnaissance sensitive-data-discovery sensitive-data-exposure

jsrecon's Introduction

JSRecon

A powerful tool designed for identifying hidden endpoints and sensitive information within JavaScript files on a website.

Description:

JSRecon is a powerful tool designed for identifying hidden endpoints and sensitive information within JavaScript files on a website. It finds hidden URLs and hard-coded sensitive information to assist with detecting vulnerabilities.

Features:

  • Fast crawler
  • Finds sensitive information(API keys, e-mail(s), internal addresses...)
  • Discovers hidden endpoints
  • Built in Go

Installation:

Option 1:

Download from releases

Option 2:

Run the following command to get the repo:

$ go install -v github.com/Nemesis0U/JSRecon@latest

Usage:

Options:

./jsrecon -h
NAME:
   JSRecon - Scan and extract endpoint URLs and sensitive data from JS files on a website

USAGE:
   JSRecon [global options] command [command options] [arguments...]

COMMANDS:
   help, h  Shows a list of commands or help for one command

GLOBAL OPTIONS:
   --url value, -u value     URL of the website to scan (required)
   --keyword value           Keyword to search for in JavaScript code (optional)
   --output value, -o value  Output file to save the links (optional)
   --show-as-domain          Show results as domains instead of full URLs (optional) (default: false)
   --show-sensitive          Show sensitive data found in JS files (optional) (default: false)
   --cookie value            Custom cookie to include in the request (optional)
   --help, -h                show help

Example:

./jsrecon -u https://www.tiktok.com --show-sensitive --output results.txt --show-as-domain

Data saved to results.txt

IP Address: 1.0.0.73
IP Address: 1.0.1.234
API Key: 3319de946467a5e2530ff6f04830521452419c9a548f85fca089ebc9cf8c22a8
Credential: username
Credential: Username
Credential: Password
Credential: password
Email Address: [email protected]
Email Address: [email protected]
Email Address: [email protected]
Email Address: [email protected]
Email Address: [email protected]
API Key: 2023101515264400AB6AE6E1431E45CF25
API Key: 858a8ca65482457eac325ed2eeb463b0
API Key: f0dae91b3b5c2419f57f9e25a02df551
API Key: 47ee01b829cee66c47ef333f6fd4d7bb
API Key: f549fe8da2aebb5b2bae6f5389b6a016

...

IP Address: 1.0.0.201
Credential: secret
sf16-website-login.neutral.ttwstatic.com
lf16-tiktok-web.tiktokcdn-us.com
im-api-va.tiktok.com
m.tiktok.com
www.tiktok.com
starling-oversea.byteoversea.com
mcs-va-useast2a.tiktokv.com
vmweb-va.byteoversea.com
webcast.tiktok.com
f-p.sgsnssdk.com
sf16-tcc-tos-va.byteoversea.com
api.tiktok.com

License

Distributed under the MIT License. See LICENSE for more information.

jsrecon's People

Contributors

umutcamliyurt avatar

Stargazers

avatar avatar avatar Neo avatar avatar Suri avatar avatar

Watchers

avatar avatar

Forkers

saraiva

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.