hackJS is a tool designed to analyze JavaScript files from a specified URL or a list of URLs to extract useful information such as links, subdomains, and sensitive data. It can also work with wordlists to search for specific keywords within JavaScript files. This tool helps in discovering hidden resources and potential security issues on websites.
- Extract Links: Finds and filters all links in JavaScript files.
- Extract Subdomains: Identifies subdomains mentioned in JavaScript files.
- Find Sensitive Data: Searches for sensitive words in JavaScript files using a provided or default wordlist.
- Output Results: Saves results to a file and displays them on the console.
- Handle Multiple URLs: Can process a single URL or multiple URLs from a file.
-
Clone the repository to your local machine:
git clone https://github.com/everythingBlackkk/hackJS.git
-
Navigate to the hackJS directory:
cd hackJS
-
Tool setup :
chmod +x install_hackJS.sh ./install_hackJS.sh
-
Run Tool :
hackJS
hackJS -u <URL>
hackJS -l <file>
hackJS -l url.txt -w sensitive-world-list.txt
- -u : Specifies the URL to scan.
- -l : Specifies a file containing a list of URLs to scan.
- -w : Specifies a custom wordlist file to search for sensitive data.
The results are categorized and saved into a result directory. Each category includes:
===Links===
https://example.com/page1
https://example.com/page2
Total Links found: 2
===Subdomains===
sub.example.com
api.example.com
Total Subdomains found: 2
===JS Files===
https://example.com/script1.js
https://example.com/script2.js
Total JS Files found: 2
===Sensitive Data===
🔹 api_key ➔ https://example.com/script1.js
🔹 token ➔ https://example.com/script2.js
Total Sensitive Data found: 2
For any questions or feedback, please contact: Name: Yassin Abd-elrazik GitHub: everythingBlackkk
Contributions are welcome! Fork the repository, make your changes, and submit a pull request.