- Ability to define custom regex both case sensitive and case insensitive.
- Regex for DOM XSS sinks, sources, web services, hidden parameters, endpoints etc are already there
- Its built with faster_than_requests, ~40x faster than requests.
- Shannon entropy to catches whats missed by regex (may cause lengthy output and thus disabled by default)
- Scan a single URL/Domain/Subdomain
JScanner -d google.com or JScanner -u https://google.com/closurelibrary.js
- Scan from URLs
JScanner -w hakrawler.txt -oD
pwd-t 10 -d domain.com
- Scan from stdin (subdomains) with entropy check
assetfinder google.com | JScanner --- -o results.txt -e
- Scan from stdin (hakrawler, gau)
echo "uber.com" | tee >(hakrawler | JScanner --- -o hakrawler.txt -t 10) >(gau | JScanner --- -o gau.txt -t 10)
- Repeated same type of webpage may cause repetition of data
- Even same page may caused repetition of data which sort -u fixes, however it is going to be fixed in further version
- Output from program as well as file output should be improved
Download releases rather than git clone because developmental version may contain bugs. Releases are rather stable version! Also repetition needs to decreased in output.