PortSwigger/js-link-finder external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

PortSwigger/js-link-finder

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/PortSwigger/js-link-finder)

Close

PortSwigger / js-link-finderView on GitHubMore

• External links
• Readme badge

Burp Extension for a passive scanning JS files for endpoint links.

☆187Sep 5, 2019Updated 6 years ago

Alternatives and similar repositories for js-link-finder

Users that are interested in js-link-finder are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• InitRoot / BurpJSLinkFinder

  View on GitHub
  Burp Extension for a passive scanning JS files for endpoint links.
  ☆817Mar 22, 2024Updated 2 years ago
• theLSA / burp-info-extractor

  View on GitHub
  burpsuite extension for extract information from data
  ☆88Jun 2, 2024Updated 2 years ago
• nccgroup / AutoRepeater

  View on GitHub
  Automated HTTP Request Repeating With Burp Suite
  ☆895Dec 15, 2021Updated 4 years ago
• 0xzmz / burpsuite_jsapi

  View on GitHub
  A BurpSuite extension written by Python,used to find API interface in JS file.
  ☆115Apr 28, 2026Updated last month
• PortSwigger / js-miner

  View on GitHub
  This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.
  ☆90Jul 20, 2023Updated 2 years ago
• Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• GerbenJavado / LinkFinder

  View on GitHub
  A python script that finds endpoints in JavaScript files
  ☆4,382Apr 13, 2024Updated 2 years ago
• AduraK2 / Go-Yso-Gui

  View on GitHub
  练习Golang的时候写的一个Ysoserial图形化工具
  ☆11Aug 1, 2023Updated 2 years ago
• wagiro / BurpBounty

  View on GitHub
  Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…
  ☆1,805Apr 26, 2024Updated 2 years ago
• bit4woo / knife

  View on GitHub
  A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
  ☆1,934May 3, 2026Updated last month
• wangfly-me / DomainInfo_Find

  View on GitHub
  批量获取域内机器桌面文件
  ☆79Sep 6, 2022Updated 3 years ago
• prakharathreya / Struts2-RCE

  View on GitHub
  A Burp Extender for checking for struts 2 RCE vulnerabilities.
  ☆287Jun 4, 2024Updated 2 years ago
• lijiejie / swagger-exp

  View on GitHub
  A Swagger API Exploit
  ☆1,376Jun 7, 2024Updated 2 years ago
• xnl-h4ck3r / GAP-Burp-Extension

  View on GitHub
  Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
  ☆1,518Jan 8, 2026Updated 5 months ago
• PortSwigger / param-miner

  View on GitHub
  ☆1,434Mar 17, 2026Updated 2 months ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• c0ny1 / jsEncrypter

  View on GitHub
  一个用于前端加密Fuzz的Burp Suite插件
  ☆1,068Mar 6, 2020Updated 6 years ago
• sting8k / BurpSuite_403Bypasser

  View on GitHub
  Burpsuite Extension to bypass 403 restricted directory
  ☆1,690Jun 29, 2023Updated 2 years ago
• 0xShe / URL-IP

  View on GitHub
  URL-IP 批量处理URL和IP 资产处理 高效渗透必备
  ☆21Apr 6, 2023Updated 3 years ago
• elkokc / reflector

  View on GitHub
  Burp plugin able to find reflected XSS on page in real-time while browsing on site
  ☆1,211Feb 2, 2021Updated 5 years ago
• TheTwitchy / xxer

  View on GitHub
  A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.
  ☆519Jul 29, 2020Updated 5 years ago
• bit4woo / domain_hunter_pro

  View on GitHub
  domain_hunter的高级版本，SRC挖洞、HW打点之必备！自动化资产收集；快速Title获取；外部工具联动；等等
  ☆2,136Updated this week
• whwlsfb / BurpCrypto

  View on GitHub
  BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算…
  ☆1,632Aug 4, 2023Updated 2 years ago
• TheKingOfDuck / myScripts

  View on GitHub
  一个垃圾桶
  ☆59Aug 14, 2022Updated 3 years ago
• pmiaowu / BurpFastJsonScan

  View on GitHub
  一款基于BurpSuite的被动式FastJson检测插件
  ☆1,247Oct 1, 2022Updated 3 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• lc / gau

  View on GitHub
  Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
  ☆4,970Mar 20, 2026Updated 2 months ago
• ethicalhackingplayground / Gxss

  View on GitHub
  Tool for checking reflecting Parameters in a URL.
  ☆10Aug 31, 2020Updated 5 years ago
• Gilzy / 403Bypasser

  View on GitHub
  ☆57Sep 27, 2022Updated 3 years ago
• fofapro / Hosts_scan

  View on GitHub
  这是一个用于IP和域名碰撞匹配访问的小工具，旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。
  ☆1,197Apr 30, 2019Updated 7 years ago
• bit4woo / Fiora

  View on GitHub
  Fiora：漏洞PoC框架Nuclei的图形版。快捷搜索PoC、一键运行Nuclei。即可作为独立程序运行，也可作为burp插件使用。
  ☆1,279Apr 10, 2026Updated 2 months ago
• cckuailong / hostscan

  View on GitHub
  自动化Host碰撞工具，帮助红队快速扩展网络边界，获取更多目标点
  ☆601Oct 7, 2023Updated 2 years ago
• gh0stkey / Web-Fuzzing-Box

  View on GitHub
  Web Fuzzing Box - Web 模糊测试字典与一些Payloads
  ☆2,752Mar 23, 2026Updated 2 months ago
• admintony / svnExploit

  View on GitHub
  SvnExploit支持SVN源代码泄露全版本Dump源码
  ☆1,031Dec 20, 2022Updated 3 years ago
• UzJu / Cloud-Bucket-Leak-Detection-Tools

  View on GitHub
  六大云存储，泄露利用检测工具
  ☆1,258Mar 28, 2025Updated last year
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• F6JO / RouteVulScan

  View on GitHub
  Burpsuite - Route Vulnerable Scanning 递归式被动检测脆弱路径的burp插件
  ☆1,324Jun 29, 2024Updated last year
• ScriptKid-Beta / Unexpected_information

  View on GitHub
  Unexpected information 是用于标记请求包中的一些敏感信息、JS接口和一些特殊字段的BurpSuite 插件。
  ☆690Jan 4, 2021Updated 5 years ago
• wyzxxz / jndi_tool

  View on GitHub
  JNDI服务利用工具 RMI/LDAP，支持部分场景回显、内存shell，高版本JDK场景下利用等，fastjson rce命令执行，log4j rce命令执行 漏洞检测辅助工具
  ☆2,018May 21, 2024Updated 2 years ago
• c0ny1 / passive-scan-client

  View on GitHub
  Burp被动扫描流量转发插件
  ☆1,464Jun 17, 2024Updated last year
• Threezh1 / JSFinder

  View on GitHub
  JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
  ☆2,945Nov 24, 2021Updated 4 years ago
• Kr0ff / Kentico-12-RCE-via-SyncServer

  View on GitHub
  Kentico <=12.0.14 is vulnerable to a remote code execution via the SyncServer
  ☆10Sep 28, 2020Updated 5 years ago
• wyzxxz / heapdump_tool

  View on GitHub
  heapdump敏感信息查询工具，例如查找 spring heapdump中的密码明文，AK,SK等
  ☆1,447May 21, 2024Updated 2 years ago