PortSwigger/js-link-finder external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

PortSwigger/js-link-finder

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/PortSwigger/js-link-finder)

Close

PortSwigger / js-link-finderView on GitHubMore

• External links
• Readme badge

Burp Extension for a passive scanning JS files for endpoint links.

☆182Sep 5, 2019Updated 6 years ago

Alternatives and similar repositories for js-link-finder

Users that are interested in js-link-finder are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• InitRoot / BurpJSLinkFinder

  View on GitHub
  Burp Extension for a passive scanning JS files for endpoint links.
  ☆816Mar 22, 2024Updated 2 years ago
• theLSA / burp-info-extractor

  View on GitHub
  burpsuite extension for extract information from data
  ☆87Jun 2, 2024Updated last year
• nccgroup / AutoRepeater

  View on GitHub
  Automated HTTP Request Repeating With Burp Suite
  ☆892Dec 15, 2021Updated 4 years ago
• 0xzmz / burpsuite_jsapi

  View on GitHub
  A BurpSuite extension written by Python,used to find API interface in JS file.
  ☆114Mar 13, 2023Updated 3 years ago
• PortSwigger / js-miner

  View on GitHub
  This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.
  ☆84Jul 20, 2023Updated 2 years ago
• End-to-end encrypted cloud storage - Proton Drive • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
• GerbenJavado / LinkFinder

  View on GitHub
  A python script that finds endpoints in JavaScript files
  ☆4,322Apr 13, 2024Updated last year
• AduraK2 / Go-Yso-Gui

  View on GitHub
  练习Golang的时候写的一个Ysoserial图形化工具
  ☆11Aug 1, 2023Updated 2 years ago
• wagiro / BurpBounty

  View on GitHub
  Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…
  ☆1,794Apr 26, 2024Updated last year
• bit4woo / knife

  View on GitHub
  A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
  ☆1,916Apr 3, 2026Updated last week
• wangfly-me / DomainInfo_Find

  View on GitHub
  批量获取域内机器桌面文件
  ☆80Sep 6, 2022Updated 3 years ago
• prakharathreya / Struts2-RCE

  View on GitHub
  A Burp Extender for checking for struts 2 RCE vulnerabilities.
  ☆286Jun 4, 2024Updated last year
• lijiejie / swagger-exp

  View on GitHub
  A Swagger API Exploit
  ☆1,372Jun 7, 2024Updated last year
• PortSwigger / param-miner

  View on GitHub
  ☆1,418Mar 17, 2026Updated 3 weeks ago
• xnl-h4ck3r / GAP-Burp-Extension

  View on GitHub
  Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
  ☆1,508Jan 8, 2026Updated 3 months ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• c0ny1 / jsEncrypter

  View on GitHub
  一个用于前端加密Fuzz的Burp Suite插件
  ☆1,065Mar 6, 2020Updated 6 years ago
• sting8k / BurpSuite_403Bypasser

  View on GitHub
  Burpsuite Extension to bypass 403 restricted directory
  ☆1,674Jun 29, 2023Updated 2 years ago
• 0xShe / URL-IP

  View on GitHub
  URL-IP 批量处理URL和IP 资产处理 高效渗透必备
  ☆21Apr 6, 2023Updated 3 years ago
• elkokc / reflector

  View on GitHub
  Burp plugin able to find reflected XSS on page in real-time while browsing on site
  ☆1,205Feb 2, 2021Updated 5 years ago
• TheTwitchy / xxer

  View on GitHub
  A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.
  ☆519Jul 29, 2020Updated 5 years ago
• bit4woo / domain_hunter_pro

  View on GitHub
  domain_hunter的高级版本，SRC挖洞、HW打点之必备！自动化资产收集；快速Title获取；外部工具联动；等等
  ☆2,121Apr 1, 2026Updated last week
• whwlsfb / BurpCrypto

  View on GitHub
  BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算…
  ☆1,625Aug 4, 2023Updated 2 years ago
• lc / gau

  View on GitHub
  Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
  ☆4,879Mar 20, 2026Updated 3 weeks ago
• pmiaowu / BurpFastJsonScan

  View on GitHub
  一款基于BurpSuite的被动式FastJson检测插件
  ☆1,242Oct 1, 2022Updated 3 years ago
• NordVPN Threat Protection Pro™ • Ad
  Take your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
• Gilzy / 403Bypasser

  View on GitHub
  ☆57Sep 27, 2022Updated 3 years ago
• TheKingOfDuck / myScripts

  View on GitHub
  一个垃圾桶
  ☆59Aug 14, 2022Updated 3 years ago
• fofapro / Hosts_scan

  View on GitHub
  这是一个用于IP和域名碰撞匹配访问的小工具，旨意用来匹配出渗透过程中需要绑定hosts才能访问的弱主机或内部系统。
  ☆1,193Apr 30, 2019Updated 6 years ago
• bit4woo / Fiora

  View on GitHub
  Fiora：漏洞PoC框架Nuclei的图形版。快捷搜索PoC、一键运行Nuclei。即可作为独立程序运行，也可作为burp插件使用。
  ☆1,279Jul 2, 2025Updated 9 months ago
• cckuailong / hostscan

  View on GitHub
  自动化Host碰撞工具，帮助红队快速扩展网络边界，获取更多目标点
  ☆599Oct 7, 2023Updated 2 years ago
• gh0stkey / Web-Fuzzing-Box

  View on GitHub
  Web Fuzzing Box - Web 模糊测试字典与一些Payloads
  ☆2,698Mar 23, 2026Updated 2 weeks ago
• admintony / svnExploit

  View on GitHub
  SvnExploit支持SVN源代码泄露全版本Dump源码
  ☆1,027Dec 20, 2022Updated 3 years ago
• UzJu / Cloud-Bucket-Leak-Detection-Tools

  View on GitHub
  六大云存储，泄露利用检测工具
  ☆1,250Mar 28, 2025Updated last year
• ScriptKid-Beta / Unexpected_information

  View on GitHub
  Unexpected information 是用于标记请求包中的一些敏感信息、JS接口和一些特殊字段的BurpSuite 插件。
  ☆691Jan 4, 2021Updated 5 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• jas502n / jackson-CVE-2020-8840

  View on GitHub
  FasterXML/jackson-databind 远程代码执行漏洞
  ☆73Feb 21, 2020Updated 6 years ago
• F6JO / RouteVulScan

  View on GitHub
  Burpsuite - Route Vulnerable Scanning 递归式被动检测脆弱路径的burp插件
  ☆1,314Jun 29, 2024Updated last year
• wyzxxz / jndi_tool

  View on GitHub
  JNDI服务利用工具 RMI/LDAP，支持部分场景回显、内存shell，高版本JDK场景下利用等，fastjson rce命令执行，log4j rce命令执行 漏洞检测辅助工具
  ☆2,016May 21, 2024Updated last year
• c0ny1 / passive-scan-client

  View on GitHub
  Burp被动扫描流量转发插件
  ☆1,461Jun 17, 2024Updated last year
• Threezh1 / JSFinder

  View on GitHub
  JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.
  ☆2,921Nov 24, 2021Updated 4 years ago
• Kr0ff / Kentico-12-RCE-via-SyncServer

  View on GitHub
  Kentico <=12.0.14 is vulnerable to a remote code execution via the SyncServer
  ☆10Sep 28, 2020Updated 5 years ago
• wyzxxz / heapdump_tool

  View on GitHub
  heapdump敏感信息查询工具，例如查找 spring heapdump中的密码明文，AK,SK等
  ☆1,443May 21, 2024Updated last year