Jsleak – A Go Code To Detect Leaks In JS Files Via Regex Patterns

August 19, 2021
jsleak

jsleak is a tool to identify sensitive data in JS files through regex patterns. Although it’s built for this, you can use it to identify anything as long as you have a regex pattern for it.

How to install

Directly:

{your package manager} install pkg-config libpcre++-dev
go get github.com/0xTeles/jsleak/v2/jsleak

Compiled: release page

How to use

Usage of jsleak:
  -json string
        [+] Json output file
  -pattern string
        [+] File contains patterns to test
  -verbose
        [+] Verbose Mode

Demo

cat urls.txt | jsleak -pattern regex.txt
[+] Url: http://localhost/index.js
[+] Pattern: p([a-z]+)ch
[+] Match: peach

To Do

  • Fix output
  • Add more patterns
  • Add stdin
  • Implement JSON input
  • Fix patterns
  • Implement PCRE

Regex list

  • https://github.com/odomojuli/RegExAPI
  • https://github.com/KaioGomesx/JSScanner/blob/main/regex.txt

Inspired by

  • Necessity
  • https://github.com/0x240x23elu/JSScanner
  • https://github.com/KaioGomesx/JSScanner

Thanks

@fepame, @gustavorobertux, @Jhounx, @arthurair_es

Download Jsleak

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source
Tags: , , , ,

You may have missed

hkcert

Cisco Products Multiple Vulnerabilities

April 25, 2024
HIBP Banner 1

T2 – 94,584 breached accounts

April 25, 2024
CISA Logo

CISA: CISA Releases Three Industrial Control Systems Advisories

April 25, 2024
CISA Logo

CISA: CISA Releases Four Industrial Control Systems Advisories

April 25, 2024
CISA Logo

CISA: Oracle Releases Critical Patch Update Advisory for April 2024

April 25, 2024