JSpector – A Simple Burp Suite Extension To Crawl JavaScript (JS) Files In Passive Mode And Display The Results Directly On The Issues


JSpector is a Burp Suite extension that passively crawls JavaScript files and automatically creates issues with URLs, endpoints and dangerous methods found on the JS files.


Before installing JSpector, you need to have Jython installed on Burp Suite.


  1. Download the latest version of JSpector
  2. Open Burp Suite and navigate to the Extensions tab.
  3. Click the Add button in the Installed tab.
  4. In the Extension Details dialog box, select Python as the Extension Type.
  5. Click the Select file button and navigate to the JSpector.py.
  6. Click the Next button.
  7. Once the output shows: “JSpector extension loaded successfully”, click the Close button.


  • Just navigate through your targets and JSpector will start passively crawl JS files in the background and automatically returns the results on the Dashboard tab.
  • You can export all the results to the clipboard (URLs, endpoints and dangerous methods) with a right click directly on the JS file:


A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

 To keep up to date follow us on the below channels.