2 Repos
Analysis of client-side scripts to identify leaked API keys, credentials, and internal endpoints.
Distinct from JavaScript: Existing candidates focus on the language or documentation, not security-centric parsing for secrets.
Explore 2 awesome GitHub repositories matching security & cryptography · JavaScript Secret Extraction. Refine with filters or upvote what's useful.
reconftw is an attack surface management framework and reconnaissance workflow orchestrator designed to automate the discovery, mapping, and monitoring of external digital assets. It operates as a modular tool-chain pipeline that coordinates a sequence of security tools to perform intelligence gathering and vulnerability scanning. The project distinguishes itself through a cloud-native deployment model that parallelizes scanning workloads across a fleet of remote VPS instances to bypass local resource constraints. It utilizes container-based environment isolation to ensure consistent executio
Parses JavaScript files to extract sensitive API keys and internal service endpoints.
LinkFinder is a security reconnaissance and static analysis tool designed for JavaScript endpoint discovery. It extracts absolute and relative URLs and parameters from JavaScript files to map the attack surface of web applications and identify hidden API routes. The tool operates through static code analysis and regular expression pattern matching to find endpoints without executing the source code. It includes a data processor for importing exported files from Burp Suite, enabling the batch analysis of multiple JavaScript assets in a single execution. The system provides capabilities for do
Analyzes client-side scripts to identify internal endpoints and undocumented features for security purposes.