Upgrading jsleak with a CI/CD and new rules
 
 
Go to file
Chan Nyein Wai 3149c0c7e3
Delete help.png
2023-03-29 21:15:17 +07:00
images Create test 2023-03-29 21:14:52 +07:00
README.md Update README.md 2023-03-29 21:12:25 +07:00
linkfinder.png Add files via upload 2023-03-29 21:13:41 +07:00
main.go Create main.go 2023-03-29 21:14:09 +07:00
multipleFlags.png Add files via upload 2023-03-29 21:13:41 +07:00
secret.png Add files via upload 2023-03-29 21:13:41 +07:00
status_code.png Add files via upload 2023-03-29 21:13:41 +07:00

README.md

Description

I was developing jsleak during most of my free time for my own need.It is easy-to-use command-line tool designed to uncover secrets and links in JavaScript files or source code. The jsleak was inspired by Linkfinder and regexes are collected from multiple sources.

Features:

  • Discover secrets in JS files such as API keys, tokens, and passwords.
  • Identify links in the source code.
  • Complete Url Function
  • Concurrent processing for scanning of multiple Urls
  • Check status code if the url is alive or not

Instllation

go install github.com/channyein1337/jsleak/@latest

Usage

To display help message

jsleak -h

Secret Finder

echo http://testphp.vulnweb.com/ | jsleak -s

Link Finder

echo http://testphp.vulnweb.com/ | jsleak -l

Complete Url

echo http://testphp.vulnweb.com/ | jsleak -e

Check Status

echo http://testphp.vulnweb.com/ | jsleak -c 20 -k

You can also use multiple flags

echo http://testphp.vulnweb.com/ | jsleak -c 20 -l -s 

Running with Urls

cat urls.txt | jsleak -l -s -c 30

To Do

  • Support scanning local files.
  • Support scanning apk files.
  • Update Regex.
  • Support mulitple user agents.