Find Hidden Endpoint From JS File

Greeting Everyone ! Today In this Blog We will Explore How To Recon Javascript and How To extract all Javascript From Our Targeted Website .  In This Blog we will Explore How to Do Gather all Js File from target , , Extract Endpoint from JS File .

We will
Explore Some Common Tools Which Is open Source .

How To Gather
All js file From Our target :

To collect All Possible JS file From Our target we will use

Waybackurls | grep “.js”

As above we
used grep to filter .js file and as result we able to Manipulate all js file
from Our target ,

Now , Use List Of domain : Cat domains.txt | waybackurls | grep “.js”

As above
picture we used cat to read file and able to manipulate all js file .

Extract Endpoint From  JS file:

To find hidden endpoint From Our js file We we use tool relative-url-extractor Which is Open Source tool :

How to Get this tool:

To install :

Git clone

Cd relative-url-extractor

Chmdo   +x  extract.rb

Now We Will Extract possible end point from Our js file Here we will use

command : curl  -s | ./extract.rb

As above picture we see extracted path from its js file .

If we Run against gathered list of js file we will use command: Cat urls.txt | ./extract.rb

As above We see How we can able to
Extract Path from Js file and how we extract js file from our target . This is
How We can utilize this phase .

 Conclusion: We Discussed How To do hunt against js and find sensitive path file from it this will help an tester or hacker On testing phase .


Thanks For Reading……. See You In Another Blog!

Stick With Our Blog :

Author : Pallab Jyoti Borah | VAPT Analyst

Table of Contents

Social Media