├── README.md
├── carbon.png
└── linkJS.go


/README.md:
--------------------------------------------------------------------------------
 1 | 
 2 | # 😎 linkJS 😎
 3 | 
 4 | A Link Finder Written in GO
 5 | 
 6 | **Version 1.0**
 7 | 
 8 | 
 9 | ***
10 | ### Changes
11 | 
12 | **It now Matches:**
13 |  - awskeys
14 |  - domxss
15 |  - endpoints
16 |  - links
17 | ***
18 | 
19 | 
20 | ### Install
21 | 
22 | **`$ go get -u github.com/ethicalhackingplayground/linkJS`**
23 | 
24 | **`$ go get github.com/003random/getJS`**
25 | 
26 | 
27 | ### Fetch Links from JS with Subfinder
28 | **`$ subfinder uber.com -silent | httpx | getJS -complete | linkJS -m links`**
29 | 
30 | ![GitHub Logo](carbon.png)
31 | 
32 | 
33 | 
34 | **If you get a bounty please support by buying me a coffee**
35 | 
36 | <br>
37 | <a href="https://www.buymeacoffee.com/krypt0mux" target="_blank"><img src="https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png" alt="Buy Me A Coffee" style="height: 41px !important;width: 174px !important;box-shadow: 0px 3px 2px 0px rgba(190, 190, 190, 0.5) !important;-webkit-box-shadow: 0px 3px 2px 0px rgba(190, 190, 190, 0.5) !important;" ></a>
38 | 
39 | 


--------------------------------------------------------------------------------
/carbon.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/ethicalhackingplayground/linkJS/c4c696dd0c2e982af39c3518019b6a8c88b4c329/carbon.png


--------------------------------------------------------------------------------
/linkJS.go:
--------------------------------------------------------------------------------
  1 | package main
  2 | 
  3 | import (
  4 | "fmt"
  5 | "time"
  6 | "sync"
  7 | "regexp"
  8 | "os"
  9 | "bufio"
 10 | "net/http"
 11 | "net/url"
 12 | "io/ioutil"
 13 | "flag"
 14 | )
 15 | 
 16 | func main () {
 17 | 
 18 | 	// The regex's map
 19 | 	regs:=map[string]string {
 20 | 		"links"    : `(https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]`,
 21 | 		"awskeys"  : `([^A-Z0-9]|^)(AKIA|A3T|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{12,}`,
 22 | 		"domxss"   : `/((src|href|data|location|code|value|action)\s*["'\]]*\s*\+?\s*=)|((replace|assign|navigate|getResponseHeader|open(Dialog)?|showModalDialog|eval|evaluate|execCommand|execScript|setTimeout|setInterval)\s*["'\]]*\s*\()/`,
 23 | 	}
 24 | 
 25 | 
 26 | 	// Variables
 27 | 	var concurrency int
 28 | 	var mode string
 29 | 		
 30 | 	flag.IntVar(&concurrency, "c", 30, "Set concurrency for greater speed")
 31 | 	flag.StringVar(&mode, "m", "links", "Set the regex to use (e.g. links,awskeys,domxss,endpoints)")
 32 | 	flag.Parse()
 33 | 
 34 | 	var wg sync.WaitGroup
 35 | 	for i:=0; i<=concurrency; i++ {
 36 | 		wg.Add(1)
 37 | 		go func () {
 38 | 			search_with_regex(mode, regs)
 39 | 			wg.Done()	
 40 | 		}()
 41 | 		wg.Wait()
 42 | 	}
 43 | }
 44 | 
 45 | 
 46 | // Search through all javascript with regex's
 47 | func search_with_regex(mode string, regs map[string]string) {
 48 | 
 49 | 	time.Sleep(time.Millisecond * 10)
 50 | 	client:= &http.Client{}
 51 | 	
 52 | 
 53 | 	scanner:=bufio.NewScanner(os.Stdin)
 54 | 	for scanner.Scan() {
 55 | 		jsLink:=scanner.Text()
 56 | 		
 57 | 		req,err:=http.NewRequest("GET", jsLink,nil)
 58 | 		if err != nil {
 59 | 			return
 60 | 		}
 61 | 
 62 | 		resp,err:=client.Do(req)
 63 | 		if err != nil {
 64 | 			return
 65 | 		}
 66 | 
 67 | 		bodyBuffer,err:=ioutil.ReadAll(resp.Body)
 68 | 		if err != nil {
 69 | 			return
 70 | 		}
 71 | 
 72 | 		// The body to grep for
 73 | 		bodyString:=string(bodyBuffer)
 74 | 
 75 | 		// Check to see if we are searching for links
 76 | 		if mode == "links" {
 77 | 			// Search for all links
 78 | 			re:=regexp.MustCompile(regs["links"])
 79 | 			match:=re.FindStringSubmatch(bodyString)
 80 | 			if match != nil {
 81 | 				fmt.Printf("%s\n", match[0])
 82 | 			}
 83 | 		}
 84 | 
 85 | 		// Check to see if we are searching for apis
 86 |                 if mode == "apis" {
 87 |                         // Search for all links
 88 |                         re:=regexp.MustCompile(regs["apis"])
 89 |                         match:=re.FindStringSubmatch(bodyString)
 90 |                         if match != nil {
 91 |                                 fmt.Printf("%s\n", match[0])
 92 |                         }
 93 |                 }
 94 | 
 95 | 		// Check to see if we are searching for endpoints
 96 |                 if mode == "endpoints" {
 97 |                         // Search for all links
 98 |                         re:=regexp.MustCompile(regs["links"])
 99 |                         match:=re.FindStringSubmatch(bodyString)
100 |                         if match != nil {
101 | 				endpoint:=match[0]
102 | 				u,err:=url.Parse(endpoint)
103 | 				if err != nil { return }
104 |                                 fmt.Printf("%s\n", u.Path)
105 |                         }
106 |                 }
107 | 
108 | 	        // Check to see if we are searching for domxss
109 |                 if mode == "domxss" {
110 |                         // Search for all links
111 |                         re:=regexp.MustCompile(regs["domxss"])
112 |                         match:=re.FindStringSubmatch(bodyString)
113 |                         if match != nil {
114 |                                 fmt.Printf("%s : \t\t%q\n", match[0], jsLink)
115 |                         }
116 |                 }
117 | 
118 | 	}
119 | }
120 | 
121 | 
122 | 
123 | 
124 | 
125 | 
126 | 
127 | 
128 | 
129 | 
130 | 
131 | 


--------------------------------------------------------------------------------