LinkFinder: finds endpoints in JavaScript files

LinkFinder

LinkFinder is a python script written to discover endpoints and their parameters in JavaScript files. This way penetration testers and bug hunters are able to gather new, hidden endpoints on the websites they are testing. Resulting in the new testing ground, possibly containing new vulnerabilities. It does so by using jsbeautifier for python in combination with a fairly large regular expression. The regular expressions consist of four small regular expressions. These are responsible for finding:

  • Full URLs (https://example.com/*)
  • Absolute URLs or dotted URLs (/* or ../*)
  • Relative URLs with at least one slash (text/test.php)
  • Relative URLs without a slash (test.php)

The output is given in HTML. Karel_origin has written a chrome extension for LinkFinder which can be found here.

Installation

$ git clone https://github.com/GerbenJavado/LinkFinder.git
$ cd LinkFinder
$ python setup.py install

Usage

LinkFinder

Copyright (c) 2018 Gerben Janssen van Doorn

Source: https://github.com/GerbenJavado/