h00klod0er/JSFindAPI external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

h00klod0er/JSFindAPI

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/h00klod0er/JSFindAPI)

Close

h00klod0er / JSFindAPIView on GitHubMore

• External links
• Readme badge

JSFindAPI是一款自动从html页面中获取js链接，并自动访问js提取js中的api路径，然后自动进行api未授权测试的插件，同时也可被动监听，当访问js时自动提取api进行访问，提取api接口主要根据AJAX，XMLHttpRequest，axios，Vue.js等各种api请求的写法去正则提取，准确性和数量都有提升

☆30Oct 20, 2025Updated 4 months ago

Alternatives and similar repositories for JSFindAPI

Users that are interested in JSFindAPI are comparing it to the libraries listed below

• xk4ng / AntiDebugger-Chrome

  View on GitHub
  针对于无限debugger场景而编译的Chromium，适用于逆向分析、前端调试对抗、爬虫开发等场景
  ☆39Oct 24, 2025Updated 4 months ago
• h00klod0er / xxljob-Hessian-Exp

  View on GitHub
  xxljob-Hessian-Exp 一款XXL-JOB <=2.0.1 Hessian反序列化图形化利用工具，可不出网利用
  ☆37Dec 31, 2024Updated last year
• guchangan1 / SyntaxFinger

  View on GitHub
  本工具不去主动的做端口扫描，通过聚合了三大资产测绘引擎接口语法，快速获取与目标有关的所有资产列表，并进行一键指纹识别（通用系统指纹、ICP归属等），筛出高价值及脆弱资产。
  ☆31Mar 13, 2025Updated 11 months ago
• darkfiv / QaFuzz

  View on GitHub
  ☆44Jun 28, 2025Updated 8 months ago
• MAOGE555 / shuidi

  View on GitHub
  水滴工具箱，集合各种渗透工具。端口扫描器，漏扫，抓包，内存马，内网穿透，c2，免杀等等
  ☆104Oct 26, 2025Updated 4 months ago
• Conan924 / md5ups

  View on GitHub
  爆破md5(用户名+密码+salt)的脚本
  ☆12Nov 15, 2021Updated 4 years ago
• LostZX / utools

  View on GitHub
  ☆13May 1, 2023Updated 2 years ago
• enh123 / DirectoryFuzz

  View on GitHub
  渗透测试目录扫描字典
  ☆68Nov 24, 2025Updated 3 months ago
• aw220 / InOne

  View on GitHub
  一个BurpSuite插件，想法是简化日常挖洞流程
  ☆14Jun 28, 2022Updated 3 years ago
• qianxiao996 / BurpSuite-FrameScan

  View on GitHub
  ☆40Nov 25, 2024Updated last year
• qncosfh / xxl_job_executor_exploit

  View on GitHub
  xxl_job_executor_默认Access_Token_不出网综合利用
  ☆40Oct 20, 2025Updated 4 months ago
• winezer0 / cdnAnalyzer

  View on GitHub
  CheckCdn 完善的CDN信息分析工具 基于EDNS、ASN、CNAME、IPlocate等多个维度筛选
  ☆40Feb 22, 2026Updated last week
• Deep0 / XSS-Detector

  View on GitHub
  XSS-Detector是一款基于多线程并发架构的Burp Suite扩展插件，通过精确请求-响应映射机制高效检测Web应用中的XSS漏洞。
  ☆24Apr 27, 2025Updated 10 months ago
• cwkiller / Java-Puzzle

  View on GitHub
  一个专注于 Java Web 特性、配置和 Trick 的安全谜题集合
  ☆117Dec 24, 2025Updated 2 months ago
• GrassWorkshop / wxapkg_infosearch

  View on GitHub
  一款微信小程序源码包信息收集工具，根据已有项目改编
  ☆24Feb 11, 2025Updated last year
• hookdd / OssScan

  View on GitHub
  burp插件,Oss漏洞被动扫描
  ☆98Aug 8, 2025Updated 6 months ago
• nex121 / RuoyiGui

  View on GitHub
  ☆26Dec 13, 2024Updated last year
• mabangde / ChromeHistory_bof

  View on GitHub
  获取chrome 浏览器记录
  ☆43Sep 6, 2025Updated 5 months ago
• xiaogang000 / XG_SQL

  View on GitHub
  二开xiasql
  ☆57Jan 8, 2026Updated last month
• xhmcc / ehole_finger

  View on GitHub
  ehole超大指纹
  ☆31Jul 25, 2025Updated 7 months ago
• bingtangbanli / jsfinderPro

  View on GitHub
  js文件敏感信息内容提取
  ☆28Aug 22, 2023Updated 2 years ago
• wanghuaixin1201 / VirtualXposed-HookLogin

  View on GitHub
  一款免Root虚拟框架App&检测应用隐私合规App
  ☆25May 14, 2022Updated 3 years ago
• xinyikan / sqlmap-studio

  View on GitHub
  SQLMap Studio 是一个现代化的 Web 界面工具，专为生成和配置 SQLMap 命令而设计，帮助安全研究人员和渗透测试人员高效执行 SQL 注入测试。
  ☆63Apr 7, 2025Updated 10 months ago
• ifacker / WIHscan

  View on GitHub
  ARL 灯塔的 WIH 利用
  ☆32Jul 2, 2024Updated last year
• libaibaia / BucketVulTools

  View on GitHub
  Burpsuite存储桶配置不当漏洞检测插件
  ☆195Jul 16, 2025Updated 7 months ago
• imkitsch / puzzle

  View on GitHub
  集成式信息收集工具
  ☆25Apr 18, 2025Updated 10 months ago
• Conan924 / Bypass-Suite

  View on GitHub
  BurpSuite extensions -Bypass Suite
  ☆26Jul 19, 2024Updated last year
• Abbbbbqvq / Enscan_Script

  View on GitHub
  快速筛选Enscan输出结果中的domain，让你在红蓝攻防中快人一步
  ☆30Aug 13, 2025Updated 6 months ago
• aleenzz / InjectSQLServer

  View on GitHub
  Get sql server connection configuration information
  ☆28Aug 26, 2024Updated last year
• taielab / YinVulnKiller

  View on GitHub
  企业级漏洞扫描与资产测绘平台 | 4引擎协同（Nuclei+Xray+GoPOC+YamlPOC）13,054+ POC规则 | Worker Pool并发架构，35-70倍性能提升 | 支持内网探测、弱口令检测、实时漏洞输出
  ☆80Nov 24, 2025Updated 3 months ago
• XF-FS / WebBatchRequestpro

  View on GitHub
  一个批量请求工具
  ☆41Dec 14, 2025Updated 2 months ago
• XF-FS / APIKit

  View on GitHub
  APIKit 是Burp Suite 的一个API接口扫描插件，该版本APIKit是对API-Security项目的APIKit1.0进行的二开，增加了扫描开关，避免直接打开burp乱扫被抓起来
  ☆92Dec 19, 2025Updated 2 months ago
• vaycore / DNStxt-exp

  View on GitHub
  一个提供查询 TXT 记录的 DNS 服务利用工具。例如：可配合 Windows 下的 certutil 工具传输小文件（64KB）
  ☆37Dec 31, 2021Updated 4 years ago
• mabangde / NTDSDumpEx

  View on GitHub
  ☆36Mar 4, 2025Updated 11 months ago
• yingfff123 / MUKI

  View on GitHub
  Muki is an active asset fingerprinting tool built for red teams — powered by 30,000+ precision signatures, proxy rotation, and intelligen…
  ☆105Jan 13, 2026Updated last month
• 0x727 / ChkApi_0x727

  View on GitHub
  辅助甲方安全人员巡检网站资产，发现并分析API安全问题
  ☆516Jan 20, 2025Updated last year
• zicaiyu / ZCYNSScan

  View on GitHub
  紫菜鱼的网络安全扫描器
  ☆11Dec 19, 2023Updated 2 years ago
• d1sbb / ossFileList

  View on GitHub
  oss存储桶遍历漏洞利用脚本
  ☆91Nov 23, 2024Updated last year
• ShelShifu / FuzzingJSPath

  View on GitHub
  递归寻找JS泄露的路径。Recursively search for the paths of JS Files.For pentest
  ☆11Sep 30, 2024Updated last year