Js File Scanner This is Js File Scanner

Overview

JSScanner

Js File Scanner This is Js File Scanner . Which are scan in js file and find juicy information Toke,Password Etc.

Watch the video

Installation :

git clone https://github.com/0x240x23elu/JSScanner.git
cd JSScanner
pip3 install -r  requirements.txt

Note

If you Want to Add New Regex , Please check Regex in python regex checker . Regex File Regex.txt
Output file bydefault output.txt

How to Use

echo "example.com" | waybackurls | grep -iE '\.js'|grep -ivE '\.json'|sort -u  > j.txt
or
echo "example.com" | waybackurls | httpx > live.txt

python3 JSScanner.py
Please Enter Any File: text.txt (your links file)
Path Of Regex/Patten File: regex.txt (your regex file)

Open redirect

 Now JSScanner fetch open redirect param from Live site
 Copy Below Regex in Regex.txt
 
 (next=|url=|target=|rurl=|dest=|destination=|redir=|redirect_uri=|redirect_url=|redirect=|/redirect/|cgi-bin/|redirect.cgi|/out/|/out|view=|loginto=|image_url=|go=|return=|returnTo=|return_to=|checkout_url=|dest=|redirect=|uri=|path=|continue=|url=|window=|to=|out=|view=|dir=|show=|navigation=|Open=|url=|file=|val=|validate=|domain=|callback=|return=|page=|feed=|host=|port=|next=|data=|reference=|site=)((http|https):\/\/)(([\w.-]*)\.([\w]*)\.([A-z]))\w+
 
(next=|url=|target=|rurl=|dest=|destination=|redir=|redirect_uri=|redirect_url=|redirect=|/redirect/|cgi-bin/|redirect.cgi|/out/|/out|view=|loginto=|image_url=|go=|return=|returnTo=|return_to=|checkout_url=|dest=|redirect=|uri=|path=|continue=|url=|window=|to=|out=|view=|dir=|show=|navigation=|Open=|url=|file=|val=|validate=|domain=|callback=|return=|page=|feed=|host=|port=|next=|data=|reference=|site=)(http|https)

(next=|url=|target=|rurl=|dest=|destination=|redir=|redirect_uri=|redirect_url=|redirect=|/redirect/|cgi-bin/|redirect.cgi|/out/|/out|view=|loginto=|image_url=|go=|return=|returnTo=|return_to=|checkout_url=|dest=|redirect=|uri=|path=|continue=|url=|window=|to=|out=|view=|dir=|show=|navigation=|Open=|url=|file=|val=|validate=|domain=|callback=|return=|page=|feed=|host=|port=|next=|data=|reference=|site=)((http|https):\/\/)?(([\w.-]*)\.([\w]*)\.([A-z]))\w+


video

https://www.youtube.com/watch?v=hsT5BL_EV-g
https://youtu.be/hsT5BL_EV-g
[![Watch the video](https://img.youtube.com/vi/hsT5BL_EV-g/1.jpg)](https://www.youtube.com/watch?v=hsT5BL_EV-g)

Some Regex

Thank you 

https://github.com/odomojuli https://github.com/odomojuli/RegExAPI

Name Type Regex
Twitter Access Token [1-9][ 0-9]+-[0-9a-zA-Z]{40}
Twitter Access Token [1-9][ 0-9]+-[0-9a-zA-Z]{40}
Facebook Access Token EAACEdEose0cBA[0-9A-Za-z]+
Facebook OAuth 2.0 [A-Za-z0-9]{125}
Instagram OAuth 2.0 [0-9a-fA-F]{7}.[0-9a-fA-F]{32}
Google OAuth 2.0 API Key
GitHub OAuth 2.0 [0-9a-fA-F]{40}
Gmail OAuth 2.0 [0-9(+-[0-9A-Za-z_]{32}.apps.qooqleusercontent.com
Foursquare Client Key [0-9a-zA-Z_][5,31]
Foursquare Secret Key R_[0-9a-f]{32}
Picatic API Key sk_live_[0-9a-z]{32}
Stripe Standard API Key sk_live_(0-9a-zA-Z]{24}
Stripe Restricted API Key sk_live_(0-9a-zA-Z]{24}
Finance Square Access Token sqOatp-[0-9A-Za-z-_]{22}
Finance Square OAuth Secret q0csp-[ 0-9A-Za-z-_]{43}
Finance Paypal / Braintree Access Token
AMS Auth Token amzn.mws]{8}-[0-9a-f]{4}-10-9a-f1{4}-[0-9a,]{4}-[0-9a-f]{12}
Twilio API Key 55[0-9a-fA-F]{32}
MailGun API Key key-[0-9a-zA-Z]{32}
MailChimp API Key [0-9a-f]{32}-us[0-9]{1,2}
Slack API Key xox[baprs]-[0-9]{12}-[0-9]{12}-[0-9a-zA-Z]{24}
Amazon Web Services Access Key ID AKIA[0-9A-Z]{16}
Amazon Web Services Secret Key [0-9a-zA-Z/+]{40}
Google Cloud Platform OAuth 2.0 [0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}
Google Cloud Platform API Key [A-Za-z0-9_]{21}--[A-Za-z0-9_]{8}
Heroku API Key [0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}
Heroku OAuth 2.0 [0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}
You might also like...
Just your basic port scanner - with multiprocessing capabilities & further nmap enumeration.
Just your basic port scanner - with multiprocessing capabilities & further nmap enumeration.

Just-Your-Basic-Port-Scanner Just your basic port scanner - with multiprocessing capabilities & further nmap enumeration. Use at your own discretion,

A simple subdomain scanner in python

Subdomain-Scanner A simple subdomain scanner in python ✨ Features scans subdomains of a domain thats it! πŸ’β€β™€οΈ How to use first download the scanner.p

Sqli-Scanner is a python3 script written to scan websites for SQL injection vulnerabilities

Sqli-Scanner is a python3 script written to scan websites for SQL injection vulnerabilities Features 1 Scan one website 2 Scan multiple websites Insta

a cool, easily usable and customisable subdomains scanner
a cool, easily usable and customisable subdomains scanner

Subdah πŸ”Ž another subdomains scanner. Installation ⚠️ Python 3.10 required ⚠️ $ git clone https://github.com/traumatism/subdah $ cd subdah $ pip3 inst

Web Headers Security Scanner
Web Headers Security Scanner

Web Headers Security Scanner

Kriecher is a simple Web Scanner which will run it's own checks for the OWASP

Kriecher is a simple Web Scanner which will run it's own checks for the OWASP top 10 https://owasp.org/www-project-top-ten/# as well as run a

An Advanced Local Network IP Scanner, made in python of course!
An Advanced Local Network IP Scanner, made in python of course!

β–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—    β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•—β€ƒβ€ƒβ–ˆβ–ˆβ•”β•β•β•β•β•β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•—β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ•‘β–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•”β•β•β•β•β•β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆ

XSS scanner in python

DeadXSS XSS scanner in python How to Download: Step 1: git clone https://github.com/Deadeye0x/DeadXSS.git Step 2: cd DeadXSS Step 3: python3 DeadXSS.p

Advanced subdomain scanner,  any domain hidden subdomains
Advanced subdomain scanner, any domain hidden subdomains

little advanced subdomain scanner made in python, works very quick and has options to change the port u want it to connect for

Comments
  • requirement.txt file contain invalid modules

    requirement.txt file contain invalid modules

    i am unable to install os and sys module by giving command pip3 install -r requirements.txt

    pip3 install -r requirements.txt 
    Requirement already satisfied: requests in /home/xalgord/.local/lib/python3.8/site-packages (from -r requirements.txt (line 1)) (2.23.0)
    Requirement already satisfied: urllib3 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 2)) (1.25.8)
    ERROR: Could not find a version that satisfies the requirement sys (from -r requirements.txt (line 3)) (from versions: none)
    ERROR: No matching distribution found for sys (from -r requirements.txt (line 3))
    
    opened by xalgord 8
  • ERROR

    ERROR

    python3 -m pip install -r requirements.txtRequirement already satisfied: requests in /usr/lib/python3/dist-packages (from -r requirements.txt (line 1)) (2.23.0) Requirement already satisfied: urllib3 in /usr/lib/python3/dist-packages (from -r requirements.txt (line 2)) (1.25.9) ERROR: Could not find a version that satisfies the requirement sys ERROR: No matching distribution found for sys

    opened by Shahad7278 1
  • ERROR ON INSTALLING REQUIREMENTS

    ERROR ON INSTALLING REQUIREMENTS

    Hi,

    When I tried to use your tool by the following comand ( pip3 install -r requirements.txt ) it gives the following error !

    ERROR: Could not find a version that satisfies the requirement sys (from -r requirements.txt (line 3)) (from versions: none) ERROR: No matching distribution found for sys (from -r requirements.txt (line 3))

    Thank You

    opened by 3th1cyuk1 1
Owner
Network Engineer,Researcher Hacker , Bug Hunter , Hackerone , Bugcrowd
null
USSR-Scanner - USSR Scanner with python

Purposes ? Hey there is abosolutely no need to do this we do it only to irritate

Binary.club 2 Jan 24, 2022
Fast subdomain scanner, Takes arguments from a Json file ("args.json") and outputs the subdomains.

Fast subdomain scanner, Takes arguments from a Json file ("args.json") and outputs the subdomains. File Structure core/ colors.py db/ wordlist.txt REA

whoami security 4 Jul 2, 2022
Local File Inclusion Scanner and Exploiter

LFI-Paradise Local File Inclusion Scanner and Exploiter Features 1- Scanner 2- E

null 11 Sep 4, 2022
This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit

CVE-2021-40444 builders This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit. This repo is just for testing, re

ASL IT Security 168 Nov 9, 2022
Vulnerability Scanner & Auto Exploiter You can use this tool to check the security by finding the vulnerability in your website or you can use this tool to Get Shells

About create a target list or select one target, scans then exploits, done! Vulnnr is a Vulnerability Scanner & Auto Exploiter You can use this tool t

Nano 108 Dec 4, 2021
SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.

The SCodeScanner stands for Source Code Scanner, where you can scan your source code files like PHP and get identify the vulnerabilities inside it. The tool can use by Pentester, Developer to quickly identify the weakness.

null 136 Dec 13, 2022
Scanner for Intranet

cthun3ζ˜―ι›†ζˆη«―ε£ζ‰«ζ,ζœεŠ‘θ―†εˆ«,netbios扫描,η½‘η«™θ―†εˆ«,ζš΄εŠ›η ΄θ§£ε’ŒζΌζ΄žζ‰«ζηš„ε·₯ε…·. cthun(克苏恩)ζ˜―ι­”ε…½δΈ–η•Œη”΅ε­ζΈΈζˆδΈ­δΈ€δ½δΈŠε€δΉ‹η₯ž ζˆͺε›Ύ cthun3η»“εˆviper使用既ζˆͺε›Ύ 使用方法 端口扫描 -ps-ip η«―ε£ζ‰«ζηš„ipεœ°ε€θŒƒε›΄,例如可δ»₯θΎ“ε…₯ -ps-ip 192.168.14

rootkit 18 Sep 3, 2022
Static Token And Credential Scanner

Static Token And Credential Scanner What is it? STACS is a YARA powered static credential scanner which suports binary file formats, analysis of neste

STACS 81 Dec 27, 2022
nuclei scanner for proxyshell ( CVE-2021-34473 )

Proxyshell-Scanner nuclei scanner for Proxyshell RCE (CVE-2021-34423,CVE-2021-34473,CVE-2021-31207) discovered by orange tsai in Pwn2Own, which affect

PikaChu 29 Dec 16, 2022
OpenPort scanner GUI tool (CNMAP)

CNMAP-GUI- OpenPort scanner GUI tool (CNMAP) as you know it is the advanced tool to find open port, firewalls and we also added here heartbleed scanni

null 9 Mar 5, 2022