关于EndExt
EndExt是一款功能强大的基于Go语言实现的网络安全工具,在该工具的帮助下,广大研究人员可以轻松从JS文件中提取出所有可能的网络终端节点。
比如说,当你从waybackruls抓取所有JS文件,甚至从目标网站的主页收集JS文件URL时。如果网站使用的是API系统,而你想查找JS文件中的所有网络终端节点时,该工具就派上用场了。我们只需要给该工具提供JS文件的URL地址,它就可以帮助我们抓取目标JS文件中所有可能的网络终端节点、URL或路径信息。
工具安装
由于该工具基于Go语言开发,因此我们首选需要在本地设备上安装并配置好最新版本Go语言环境:
代码语言:javascript复制brew install go接下来,广大研究人员可以使用下列命令将该项目源码克隆至本地:
代码语言:javascript复制git clone https://github.com/SirBugs/endext.git工具使用
代码语言:javascript复制go run main.go -l js_files_urls.txt
______ ________ __
/ ____/___ ____/ / ____/ __/ /_
/ __/ / __ / __ / __/ | |/_/ __/
/ /___/ / / / /_/ / /____> </ /_
/_____/_/ /_/__,_/_____/_/|_|__/
( * ) EndpointsExtractor Tool By @SirBugs .go Version
( * ) For Extracting all possilbe endpoints from Js files
( * ) Version: 1.0.5 (Updated 3.Vrs on 7/7/2023)
( * ) Contact: Twitter@SirBagoza, GitHub@SirBugs, Medium@bag0zathev2
( * ) Command: go run main.go -l jsurls.txt
( ! ) You can use only -u for single URL or -l for .JS file URLs, Not both
( ! ) This tool has been received the last 3 updates at once
( 1 ) - https://example.com/_home/chunks/preload-helper-xxxxxxxx.js :: (endpoint) _app/
( 2 ) - https://example.com/_home/chunks/organization-xxxxxxxx.js :: (endpoint) endpoints/dashboard-metadata/bulk
( 3 ) - https://example.com/_home/chunks/organization-xxxxxxxx.js :: (endpoint) endpoints/applications
( 4 ) - https://example.com/_home/chunks/organization-xxxxxxxx.js :: (endpoint) endpoints/accounts
( 5 ) - https://example.com/_home/chunks/organization-xxxxxxxx.js :: (endpoint) sign-in
( 6 ) - https://example.com/_home/chunks/organization-xxxxxxxx.js :: (endpoint) endpoints/sign-out
( 7 ) - https://example.com/_home/chunks/organization-xxxxxxxx.js :: (endpoint) endpoints/organization/details
( 8 ) - https://example.com/_home/chunks/organization-xxxxxxxx.js :: (endpoint) endpoints/organization/update
( 9 ) - https://example.com/_home/chunks/organization-xxxxxxxx.js :: (endpoint) endpoints/organization/subscribe
( 10 ) - https://example.com/_home/chunks/esr-apps-xxxxxxxx.js :: (endpoint) endpoints/express-security-review/application
( 11 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) applications
( 12 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) applications/new
( 13 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) settings
( 14 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) integrations
( 15 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) grants
( 16 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) applications/
( 17 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) accounts
( 18 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) webhooks
( 19 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) quickstart-guides
( 20 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) connectivity-api-offering
( 21 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) plans
( 22 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) users
( 23 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) billing
( 24 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) experiments/(向右滑动,查看更多)One-Liner命令
代码语言:javascript复制echo 'target.com' | waybackurls | tee waybackresults.txt; cat waybackresults.txt | grep ".js" > js_files.txt; go run main.go -l js_files.txt(向右滑动,查看更多)注意,这里我们可以使用Gau、HaKrawler和Katana等等。
工具运行选项
代码语言:javascript复制
-l string
设置需要爬取网络终端节点的JS文件列表,可以包含不止一个JS文件URL地址
-o string
设置输出文件,默认为js_endpoints.txt
-p 开启公开模式,显示每一个终端节点的URL地址
-u string
需要爬取网络终端节点的单个URL地址(向右滑动,查看更多)许可证协议
本项目的开发与发布遵循MIT开源许可证协议。
