Create js-analyse.yaml

I create a template that "Analyse" js files for bug bounty hunters : - Extract Tokens. - Extract endpoints. - Extract URI. - Extract Variables names. (All in one)
2023-03-09 13:27:18 +01:00 · 2023-03-09 13:27:18 +01:00 · 81c40aa4e2
parent 7617bde320
commit 81c40aa4e2
1 changed files with 34 additions and 0 deletions
--- a/file/js/js-analyse.yaml
+++ b/file/js/js-analyse.yaml
@ -0,0 +1,34 @@
+id: js-analyse
+info:
+  name: js-analyse
+  author: ayadim
+  severity: low
+  tags: file,js-analyse,js
+
+file:
+  - extensions:
+      - js
+    extractors:
+      - type: regex
+        name: Extracted-Token
+        regex:
+          - "(?i)(([a-z0-9]+)[-|_])?(key|password|passwd|pass|pwd|private|credential|auth|cred|creds|secret|access|token)([-|_][a-z]+)?(\\s)*(:|=)+"    
+      - type: regex
+        name: Extracted-Varaibles-Name
+        regex:
+          #since go does not support lookahead in regex it hard to return only the names :/
+          - "(?i)(var|const|let)\\s+([a-z_$][0-9a-z_$]*)\\s*="          
+      - type: regex
+        name: Extracted-Endpoints
+        regex:
+        #case : './path/file' or "/path/file"
+          - "(?i)('|\")((\\.{0,2})|([a-z0-9-_]*))/([a-z0-9-_/=:&?\\.]+)('|\")"
+        #case "`${ this.hostServer }/rest/basket/${ e }"
+          - "(?i)}\\s*/[a-z0-9-_?=&/]+"
+        #case "path: 'login',"
+          - "(?i)path\\s*(:|=)\\s*('|\")[a-z0-9-_?=&:\\./]+('|\")"
+      - type: regex
+        name: Extracted-URI
+        regex:
+        #case we have a URI that match any of the following schemas (http|https|file|data|resource|ftp|mailto|ssh|tel|urn|ws|wss ... etc )
+          - "(?i)([a-z]{0,10}):(//|/)[a-z0-9\\./?&-_=:]+"