Last active
August 1, 2024 12:06
-
-
Save mrrootsec/c90336ea2d97d4c3a8525cca6c20a00b to your computer and use it in GitHub Desktop.
https://x.com/Jhaddix/status/1794427067830030494/photo/1 - Credits to Jhaddix - Enhanced with Dark UI and Save buttons for each operation endpoints,params,js
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| javascript:(function() { | |
| var scripts = document.getElementsByTagName("script"); | |
| var regex = /(?<=(\"|\%27|\`))\/[a-zA-Z0-9_?&=\/\-\#\.]*(?=(\"|\'|\%60))/g; | |
| var jsRegex = /(?<=(\"|\'|\%60))(?:\/|https?:\/\/)[a-zA-Z0-9_?&=\/\-\#\.]+\.js(?:\?[^"'%60]*)?(?=(\"|\'|\%60))/g; | |
| const results = new Set(); | |
| const paramMap = new Map(); | |
| const jsFiles = new Set(); | |
| function processContent(t, src) { | |
| var e = t.matchAll(regex); | |
| for (let r of e) { | |
| results.add(r[0]); | |
| var params = r[0].split('?')[1]; | |
| if (params) { | |
| params.split('&').forEach(param => { | |
| var [key] = param.split('='); | |
| if (key) { | |
| if (!paramMap.has(key)) { | |
| paramMap.set(key, []); | |
| } | |
| paramMap.get(key).push(src || 'Inline script or HTML'); | |
| } | |
| }); | |
| } | |
| } | |
| var j = t.matchAll(jsRegex); | |
| for (let r of j) { | |
| jsFiles.add(r[0]); | |
| } | |
| } | |
| for (var i = 0; i < scripts.length; i++) { | |
| var t = scripts[i].src; | |
| if (t) { | |
| jsFiles.add(t); | |
| fetch(t).then(function(t) { | |
| return t.text(); | |
| }).then(text => processContent(text, t)).catch(function(t) { | |
| console.log("An error occurred: ", t); | |
| }); | |
| } else { | |
| processContent(scripts[i].textContent); | |
| } | |
| } | |
| var pageContent = document.documentElement.outerHTML; | |
| processContent(pageContent, 'Page content'); | |
| function createDownloadLink(content, filename) { | |
| var blob = new Blob([content], { type: 'text/plain' }); | |
| var url = URL.createObjectURL(blob); | |
| var a = document.createElement('a'); | |
| a.href = url; | |
| a.download = filename; | |
| a.click(); | |
| URL.revokeObjectURL(url); | |
| } | |
| function writeResults() { | |
| var div = document.createElement("div"); | |
| div.style.cssText = "position:fixed;top:0;left:0;width:100%;height:100%;background:black;color:white;overflow:auto;z-index:9999;padding:20px;font-family:Arial,sans-serif;"; | |
| var content = "<h2 style='color:green;'>Endpoints Found: " + results.size + "</h2>"; | |
| content += "<div style='display:grid;grid-template-columns:1fr 1fr;gap:10px;'>"; | |
| content += Array.from(results).map(endpoint => { | |
| var fullUrl = endpoint.startsWith("http") ? endpoint : window.location.origin + endpoint; | |
| return "<div style='background:black;margin-bottom:10px;padding:10px;border-left:5px solid red;'>" + endpoint + "</div><div style='background:black;margin-bottom:10px;padding:10px;border-left:5px solid red;'><a href='" + fullUrl + "' target='_blank' style='color:white;text-decoration:none;word-break:break-all;'>" + fullUrl + "</a></div>"; | |
| }).join(""); | |
| content += "</div>"; | |
| content += "<h2 style='color:green;margin-top:20px;'>Parameters Found:</h2>"; | |
| content += "<div style='display:grid;grid-template-columns:1fr 1fr;gap:10px;'>"; | |
| paramMap.forEach((sources, param) => { | |
| content += "<div style='background:black;margin-bottom:10px;padding:10px;border-left:5px solid red;'>" + param + "</div><div style='background:black;margin-bottom:10px;padding:10px;border-left:5px solid red;'>" + sources.join('<br>') + "</div>"; | |
| }); | |
| content += "</div>"; | |
| content += "<h2 style='color:green;margin-top:20px;'>JS Files Found: " + jsFiles.size + "</h2>"; | |
| content += "<div style='display:grid;grid-template-columns:1fr;gap:10px;'>"; | |
| jsFiles.forEach(file => { | |
| var fullUrl = file.startsWith("http") ? file : window.location.origin + file; | |
| content += "<div style='background:black;margin-bottom:10px;padding:10px;border-left:5px solid red;'><a href='" + fullUrl + "' target='_blank' style='color:white;text-decoration:none;word-break:break-all;'>" + file + "</a></div>"; | |
| }); | |
| content += "</div>"; | |
| div.innerHTML = content; | |
| var saveEndpointsBtn = document.createElement("button"); | |
| saveEndpointsBtn.textContent = "Save Endpoints"; | |
| saveEndpointsBtn.style.cssText = "position:fixed;top:10px;right:50px;background:white;color:black;border:none;padding:10px 20px;cursor:pointer;margin-right:10px;"; | |
| saveEndpointsBtn.onmouseover = function() { | |
| saveEndpointsBtn.style.backgroundColor = 'green'; | |
| saveEndpointsBtn.style.color = 'white'; | |
| }; | |
| saveEndpointsBtn.onmouseout = function() { | |
| saveEndpointsBtn.style.backgroundColor = 'white'; | |
| saveEndpointsBtn.style.color = 'black'; | |
| }; | |
| saveEndpointsBtn.onclick = function() { | |
| createDownloadLink(Array.from(results).join('\n'), 'endpoints.txt'); | |
| }; | |
| var saveParamsBtn = document.createElement("button"); | |
| saveParamsBtn.textContent = "Save Params"; | |
| saveParamsBtn.style.cssText = "position:fixed;top:10px;right:210px;background:white;color:black;border:none;padding:10px 20px;cursor:pointer;margin-right:10px;"; | |
| saveParamsBtn.onmouseover = function() { | |
| saveParamsBtn.style.backgroundColor = 'green'; | |
| saveParamsBtn.style.color = 'white'; | |
| }; | |
| saveParamsBtn.onmouseout = function() { | |
| saveParamsBtn.style.backgroundColor = 'white'; | |
| saveParamsBtn.style.color = 'black'; | |
| }; | |
| saveParamsBtn.onclick = function() { | |
| var paramContent = Array.from(paramMap.entries()).map(([param, sources]) => param + ':\n' + sources.join('\n')).join('\n\n'); | |
| createDownloadLink(paramContent, 'parameters.txt'); | |
| }; | |
| var saveJsFilesBtn = document.createElement("button"); | |
| saveJsFilesBtn.textContent = "Save JS"; | |
| saveJsFilesBtn.style.cssText = "position:fixed;top:10px;right:363px;background:white;color:black;border:none;padding:10px 20px;cursor:pointer;"; | |
| saveJsFilesBtn.onmouseover = function() { | |
| saveJsFilesBtn.style.backgroundColor = 'green'; | |
| saveJsFilesBtn.style.color = 'white'; | |
| }; | |
| saveJsFilesBtn.onmouseout = function() { | |
| saveJsFilesBtn.style.backgroundColor = 'white'; | |
| saveJsFilesBtn.style.color = 'black'; | |
| }; | |
| saveJsFilesBtn.onclick = function() { | |
| createDownloadLink(Array.from(jsFiles).join('\n'), 'jsfiles.txt'); | |
| }; | |
| var closeBtn = document.createElement("button"); | |
| closeBtn.textContent = "Close"; | |
| closeBtn.style.cssText = "position:fixed;top:10px;right:470px;background:white;color:black;border:none;padding:10px 20px;cursor:pointer;"; | |
| closeBtn.onmouseover = function() { | |
| closeBtn.style.backgroundColor = 'red'; | |
| closeBtn.style.color = 'white'; | |
| }; | |
| closeBtn.onmouseout = function() { | |
| closeBtn.style.backgroundColor = 'white'; | |
| closeBtn.style.color = 'black'; | |
| }; | |
| closeBtn.onclick = function() { | |
| document.body.removeChild(div); | |
| }; | |
| div.appendChild(saveEndpointsBtn); | |
| div.appendChild(saveParamsBtn); | |
| div.appendChild(saveJsFilesBtn); | |
| div.appendChild(closeBtn); | |
| document.body.appendChild(div); | |
| } | |
| setTimeout(writeResults, 3000); | |
| })(); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment