Jsleak – A Go Code To Detect Leaks In JS Files Via Regex Patterns

jsleak is a tool to identify sensitive data in JS files through regex patterns. Although it’s built for this, you can use it to identify anything as long as you have a regex pattern for it.

How to install

Directly:

{your package manager} install pkg-config libpcre++-dev
go get github.com/0xTeles/jsleak/v2/jsleak

Compiled: release page

How to use

Usage of jsleak:
-json string
[+] Json output file
-pattern string
[+] File contains patterns to test
-verbose
[+] Verbose Mode

Demo

cat urls.txt | jsleak -pattern regex.txt
[+] Url: http://localhost/index.js
[+] Pattern: p([a-z]+)ch
[+] Match: peach

To Do

  • Fix output
  • Add more patterns
  • Add stdin
  • Implement JSON input
  • Fix patterns
  • Implement PCRE

Regex list

Inspired by

Thanks

@fepame, @gustavorobertux, @Jhounx, @arthurair_es

nMMZ9f sz g

click here to read full Article

Read More on Pentesting Tools

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: