View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0009456Kali LinuxNew Tool Requestspublic2025-12-19 16:092025-12-19 16:09
Reportercere23 Assigned To 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
Summary0009456: jsminer - JavaScript security mining tool
Description

Tool name: jsminer
Tool URL: https://github.com/cereZ23/jsminer
Tool author: Andrea Ceresoni [email protected]
Tool license: GPL-2.0
Tool version: 1.0.0

Description:
JSMiner is a JavaScript security mining tool for bug bounty hunters and penetration testers. It extracts endpoints, API keys, secrets, and sensitive URLs from JavaScript files.

Features:

  • Endpoint extraction (hidden APIs, admin panels, internal routes)
  • Secret detection (40+ patterns: AWS, Stripe, GitHub, JWT, MongoDB, Redis, etc.)
  • URL discovery (internal, staging, dev environments)
  • Async architecture with aiohttp
  • Rich CLI with progress indicators

  • HTML and JSON report generation

    Installation:
    pip install git+https://github.com/cereZ23/jsminer.git

    Usage:
    jsminer -u https://example.com -o report.html
    jsminer -f app.js -o report.json

    Dependencies:
    Python 3.12+, aiohttp, beautifulsoup4, click, rich, pydantic, jinja2, tldextract

    Similar tools: LinkFinder, JSParser, SecretFinder

    Debian packaging included in debian/ directory.

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2025-12-19 16:09 cere23 New Issue