0xTeles / jsleak

a Go code to detect leaks in JS files via regex patterns
MIT License
138 stars 26 forks source link
bugbounty golang scanner security

jsleak

jsleak is a tool to identify sensitive data in JS files through regex patterns. Although it's built for this, you can use it to identify anything as long as you have a regex pattern for it.

How to install

Directly:

{your package manager} install pkg-config libpcre++-dev
go get github.com/0xTeles/jsleak/v2/jsleak

Compiled: release page

How to use

-json string
        [+] Json output file
-pattern string
        [+] File contains patterns to test
-timeout int
        [+] Timeout for request in seconds (default 5)
-verbose
        [+] Verbose Mode

Demo

cat urls.txt | jsleak -pattern regex.txt
[+] Url: http://localhost/index.js
[+] Pattern: p([a-z]+)ch
[+] Match: peach

Regex list