Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/0x240x23elu/JSScanner

Js File Scanner
https://github.com/0x240x23elu/JSScanner

Last synced: 3 months ago
JSON representation

Js File Scanner

Host: GitHub
URL: https://github.com/0x240x23elu/JSScanner
Owner: 0x240x23elu
Created: 2021-01-22T05:48:09.000Z (almost 4 years ago)
Default Branch: main
Last Pushed: 2021-12-23T12:41:05.000Z (almost 3 years ago)
Last Synced: 2024-06-06T23:41:18.706Z (5 months ago)
Language: Python
Size: 56.6 KB
Stars: 155
Watchers: 4
Forks: 44
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-hacking-lists - 0x240x23elu/JSScanner - Js File Scanner (Python)

README

        # JSScanner

Js File Scanner

This is Js File Scanner . Which are scan  in js file and  find juicy information Toke,Password Etc.

[![Watch the video](https://img.youtube.com/vi/hsT5BL_EV-g/1.jpg)](https://www.youtube.com/watch?v=hsT5BL_EV-g)

## Installation :

```

git clone https://github.com/0x240x23elu/JSScanner.git

cd JSScanner

pip3 install -r  requirements.txt

```

## Note

```

If you Want to Add New Regex , Please check Regex in python regex checker . Regex File Regex.txt

Output file bydefault output.txt

```

## How to Use

```

echo "example.com" | waybackurls | grep -iE '\.js'|grep -ivE '\.json'|sort -u  > j.txt

or

echo "example.com" | waybackurls | httpx > live.txt

```

```

python3 JSScanner.py

Please Enter Any File: text.txt (your links file)

Path Of Regex/Patten File: regex.txt (your regex file)

```

## Open redirect 

```

 Now JSScanner fetch open redirect param from Live site

 Copy Below Regex in Regex.txt

 

 (next=|url=|target=|rurl=|dest=|destination=|redir=|redirect_uri=|redirect_url=|redirect=|/redirect/|cgi-bin/|redirect.cgi|/out/|/out|view=|loginto=|image_url=|go=|return=|returnTo=|return_to=|checkout_url=|dest=|redirect=|uri=|path=|continue=|url=|window=|to=|out=|view=|dir=|show=|navigation=|Open=|url=|file=|val=|validate=|domain=|callback=|return=|page=|feed=|host=|port=|next=|data=|reference=|site=)((http|https):\/\/)(([\w.-]*)\.([\w]*)\.([A-z]))\w+

 

(next=|url=|target=|rurl=|dest=|destination=|redir=|redirect_uri=|redirect_url=|redirect=|/redirect/|cgi-bin/|redirect.cgi|/out/|/out|view=|loginto=|image_url=|go=|return=|returnTo=|return_to=|checkout_url=|dest=|redirect=|uri=|path=|continue=|url=|window=|to=|out=|view=|dir=|show=|navigation=|Open=|url=|file=|val=|validate=|domain=|callback=|return=|page=|feed=|host=|port=|next=|data=|reference=|site=)(http|https)

(next=|url=|target=|rurl=|dest=|destination=|redir=|redirect_uri=|redirect_url=|redirect=|/redirect/|cgi-bin/|redirect.cgi|/out/|/out|view=|loginto=|image_url=|go=|return=|returnTo=|return_to=|checkout_url=|dest=|redirect=|uri=|path=|continue=|url=|window=|to=|out=|view=|dir=|show=|navigation=|Open=|url=|file=|val=|validate=|domain=|callback=|return=|page=|feed=|host=|port=|next=|data=|reference=|site=)((http|https):\/\/)?(([\w.-]*)\.([\w]*)\.([A-z]))\w+

```

## video

```

https://www.youtube.com/watch?v=hsT5BL_EV-g

https://youtu.be/hsT5BL_EV-g

[![Watch the video](https://img.youtube.com/vi/hsT5BL_EV-g/1.jpg)](https://www.youtube.com/watch?v=hsT5BL_EV-g)

```

## Some Regex 

```

Thank you 

```

https://github.com/odomojuli

https://github.com/odomojuli/RegExAPI

| Name | Type | Regex |

| :---         |     :---:      |          ---: |

|    |     |    |

|     |       |      |

| Twitter      | Access Token    | [1-9][ 0-9]+-[0-9a-zA-Z]{40}  |

| Twitter	| Access Token | [1-9][ 0-9]+-[0-9a-zA-Z]{40}|	

| Facebook	| Access Token	| EAACEdEose0cBA[0-9A-Za-z]+| 	

| Facebook	| OAuth 2.0	| [A-Za-z0-9]{125}| login/access-tokens/ |

| Instagram	| OAuth 2.0	| [0-9a-fA-F]{7}.[0-9a-fA-F]{32}| 

| Google	| OAuth 2.0 | API Key	| AIza[0-9A-Za-z-_]{35}	| 

| GitHub	| OAuth 2.0	| [0-9a-fA-F]{40}|

| Gmail	| OAuth 2.0	| [0-9(+-[0-9A-Za-z_]{32}.apps.qooqleusercontent.com| 	

| Foursquare	| Client Key	| [0-9a-zA-Z_][5,31]| 	

| Foursquare	| Secret Key	| R_[0-9a-f]{32}| 	

| Picatic	| API Key	| sk_live_[0-9a-z]{32}| 	

| Stripe	| Standard API Key	| sk_live_(0-9a-zA-Z]{24}| 	

| Stripe	| Restricted API Key	| sk_live_(0-9a-zA-Z]{24}| 	

| Finance	Square	| Access Token	| sqOatp-[0-9A-Za-z-_]{22}| 	

| Finance	Square	| OAuth Secret	| q0csp-[ 0-9A-Za-z-_]{43}| 	

| Finance	| Paypal / Braintree	| Access Token	| access_token,production$[0-9a-z]{161[0-9a,]{32}| 	

| AMS	| Auth Token	| amzn.mws]{8}-[0-9a-f]{4}-10-9a-f1{4}-[0-9a,]{4}-[0-9a-f]{12}| 	

| Twilio	| API Key  | 55[0-9a-fA-F]{32}| 	

| MailGun	| API Key	| key-[0-9a-zA-Z]{32}| 

| MailChimp	| API Key	| [0-9a-f]{32}-us[0-9]{1,2}| 	

| Slack	| API Key	| xox[baprs]-[0-9]{12}-[0-9]{12}-[0-9a-zA-Z]{24}| 	

| Amazon Web Services	| Access Key ID	| AKIA[0-9A-Z]{16}| 	

| Amazon Web Services	| Secret Key	| [0-9a-zA-Z/+]{40}| 	

| Google Cloud Platform	| OAuth 2.0	| [0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}| 	

| Google Cloud Platform	| API Key	| [A-Za-z0-9_]{21}--[A-Za-z0-9_]{8}| 	

| Heroku	| API Key	| [0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}| 	

| Heroku	| OAuth 2.0	| [0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}|