Cross-Site Scripting (XSS) is one of the most well known web application vulnerabilities. It even has a dedicated chapter in the OWASP Top 10 project and it is...
Tag - javascript
With the popularity of web front-end packaging tools, have you encountered more and more websites represented by Webpack packager in daily penetration testing...
JavaScript AST analysis. This package has been created to export the Node-Secure AST Analysis to enable better code evolution and allow better access to...
Blog can be found at Script made for all your javascript recon automation in bugbounty. Just pass subdomain list to it and options according to your preference...
A (coverage-)guided fuzzer for dynamic language interpreters based on a custom intermediate language (“FuzzIL”) which can be mutated and translated...
Scripthunter is a tool that finds javascript files for a given website. To scan Google, simply run ./scripthunter.sh . Note that it may take a while, which is...
Using this script, you can configure a number of JavaScript files on websites that you want to monitor. Everytime you run this script, these files will be...
Widevine is a Google-owned DRM system that’s in use by many popular streaming services (Netflix, Spotify, etc.) to prevent media content from being...
Nuubi Tools: Information-ghatering|Scanner|Recon Options: -h/--help | Show help message and exit Arguments: -b/--banner | Banner grabing of target ip address ...
Browsertunnel is a tool for exfiltrating data from the browser using the DNS protocol. It achieves this by abusing dns-prefetch, a feature intended to reduce...