SecretFinder – A Python Script For Find Sensitive Data (Apikeys, Accesstoken, JWT…) And Search Anything On Javascript Files

SecretFinder is a python script based on LinkFinder, written to discover sensitive data like apikeys, accesstoken, authorizations, jwt,..etc in JavaScript files. It does so by using jsbeautifier for python in combination with a fairly large regular expression. The regular expressions consists of four small regular expressions. These are responsible for finding and search anything onRead More

JSshell – A JavaScript Reverse Shell For Exploiting XSS Remotely Or Finding Blind XSS, Working With Both Unix And Windows OS

JSshell – a JavaScript reverse shell. This using for exploit XSS remotely, help to find blind XSS, …This tool works for both Unix and Windows operating system and it can running with both Python 2 and Python 3. This is a big update of JShell – a tool to get a JavaScript shell with XSSRead More

Jshole – A JavaScript Components Vulnrability Scanner, Based On RetireJS

A JavaScript components vulnrability scanner, based on RetireJS. Why use JShole instead of RetireJS?By default, RetireJS only searches one page, but JShole tries to crawl all pages.How it works? Get Started Requirements requests Install git clone cd jshole pip3 install -r requirements python3 usage: jshole [-h] -u URL [-d] [-l LIMIT] [-t THREAT]optionalRead More

Flux-Keylogger – Modern Javascript Keylogger With Web Panel

Modern javascript keylogger with web panel Web panel: Logging: Keylogger Cookies Location Remote IP User-Agents Installation server files: Upload files from server directory to you server Change default username, password in flux.php Go to Click build Now inject script tag to other documents Download Flux-Keylogger