BurpJSLinkFinder is a Burp Suite extension that performs passive scanning of JavaScript files to identify endpoint links within web applications. The extension operates by analyzing JavaScript code through both static and dynamic analysis techniques to discover potential API endpoints, URLs, and other links that may be embedded in client-side scripts. As a passive scanning tool, it automatically examines JavaScript files encountered during web application testing without requiring active interaction or modification of requests. The extension is designed to assist security researchers and developers in identifying potential attack surfaces and vulnerabilities by mapping out endpoints that might not be immediately visible through traditional web application crawling. It integrates directly into the Burp Suite platform, allowing users to leverage the discovered endpoints for further security testing and vulnerability assessment activities.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
AndroBugs Framework is an Android vulnerability analysis system that scans mobile applications for security vulnerabilities, missing best practices, and dangerous shell commands.
An open-source tool that automates the detection and analysis of DLL hijacking vulnerabilities in Windows applications, providing detailed reports and remediation guidance.
Bearer CLI is a static application security testing tool that scans source code across multiple programming languages to identify and prioritize OWASP Top 10 and CWE Top 25 security vulnerabilities through data flow analysis.
QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.
A brute-force protection middleware for express routes that rate-limits incoming requests.
APKiD is a tool that identifies compilers, packers, obfuscators, and other weird stuff in APK files.
Grafeas is an API specification for managing and auditing metadata about software resources across the software supply chain.
SearchCode is an extensive code search engine that indexes 75 billion lines of code from millions of projects to help developers find coding examples and libraries.
A technology lookup and lead generation tool that identifies the technology stack of any website and provides features for market research, competitor analysis, and data enrichment.