JSpector: crawl JavaScript (JS) files in passive mode

JSpector

JSpector is a Burp Suite extension that passively crawls JavaScript files and automatically creates issues with URLs and endpoints found on the JS files.

Prerequisites

Before installing JSpector, you need to have Jython installed on Burp Suite.

Installation

1. Download the latest version of JSpector
2. Open Burp Suite and navigate to the Extensions tab.
3. Click the Add button in the Installed tab.
4. In the Extension Details dialog box, select Python as the Extension Type.
5. Click the Select file button and navigate to the JSpector.py.
6. Click the Next button.
7. Once the output shows “JSpector extension loaded successfully”, click the Close button.

Use

• You just have to navigate on your different targets and JSpector will start working in the background by a simple passive crawl.
• You can export all the results to the clipboard (URLs + endpoints) with a right click directly on the JS file:

Source: https://github.com/hisxo/

Support Our Threat Intelligence

If you find our technology report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee PayPal Crypto

USDT (TRC20):

TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm Copy

USDT (ERC20):

0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce Copy