https://github.com/cc1a2b/JShunter
JShunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vulnerabilities, making it an essential resource for developers and security researchers.
https://github.com/cc1a2b/JShunter
bugbounty bugbounty-tool bugbountytips hacker javascript javascript-tools pentest pentest-tool pentesting
Last synced: 3 months ago
JSON representation
JShunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vulnerabilities, making it an essential resource for developers and security researchers.
- Host: GitHub
- URL: https://github.com/cc1a2b/JShunter
- Owner: cc1a2b
- License: mit
- Created: 2024-10-29T09:17:51.000Z (6 months ago)
- Default Branch: main
- Last Pushed: 2024-12-15T18:32:09.000Z (5 months ago)
- Last Synced: 2024-12-15T19:34:07.964Z (5 months ago)
- Topics: bugbounty, bugbounty-tool, bugbountytips, hacker, javascript, javascript-tools, pentest, pentest-tool, pentesting
- Language: Go
- Homepage:
- Size: 150 KB
- Stars: 243
- Watchers: 6
- Forks: 31
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - cc1a2b/JShunter - jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vuln (Go)
README
# jshunter
**jshunter** is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security vulnerabilities, making it an essential resource for developers, bug bounty and security researchers.
## Features
- **Endpoint Extraction**: Automatically scans JavaScript files for URLs and API endpoints, allowing users to quickly identify potential points of interest.
- **Sensitive Data Detection**: The tool analyzes the JavaScript code to uncover hard-coded secrets, API keys, and other sensitive information that could lead to security breaches.
- **Customizable Options**: Users can specify various parameters, such as the number of threads for concurrent processing, cookies for authenticated sessions, and proxy settings for network configurations.
- **Flexible Input**: Supports input from single URLs, lists of URLs from text files, and direct JavaScript file paths, providing flexibility based on user needs.
- **Output Options**: Results can be saved to a specified output file, enabling easy access to the data extracted during the analysis.
## Usage Example
To use jshunter, run the following command:
```
cat urls.txt | grep "\.js" | jshunter
```
or
```
jshunter -u "https://example.com/javascript.js"
```
or
```
jshunter -l jsurls.txt
```
or
```
jshunter -f javascript.js
```
This command will analyze the specified JavaScript file and output the results to the console.
## Flags
- `-u, --url `: Input a URL to analyze.
- `-l, --list `: Input a file with URLs (.txt) to analyze.
- `-f, --file `: Path to a JavaScript file to analyze.
- `-o, --output `: Where to save the output file (default: output.txt).
- `-t, --threads `: Number of concurrent threads (default: 5).
- `-c, --cookies `: Add cookies for authenticated JS files.
- `-p, --proxy `: Set proxy (host:port).
- `-nc, --no-color`: Disable color output.
- `-q, --quiet`: Suppress ASCII art output.
- `-r, --regex `: RegEx for filtering purposes against found endpoints.
- `-h, --help`: Display this help message.
## Install
You can either install using go:
```
go install -v github.com/cc1a2b/jshunter@latest
```
Or download a [binary release](https://github.com/cc1a2b/jshunter/releases) for your platform.
## License
JShunter is released under MIT license. See [LICENSE](https://github.com/cc1a2b/jshunter/blob/master/LICENSE).
