From 8114deff0d2ef473ca31431a71c7d607b96fa0cd Mon Sep 17 00:00:00 2001 From: HackTricks News Bot Date: Fri, 6 Mar 2026 06:48:29 +0000 Subject: [PATCH] Add content from: BurpJSLinkFinder Enhanced - Link & Sensitive Data Finder --- src/network-services-pentesting/pentesting-web/README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/network-services-pentesting/pentesting-web/README.md b/src/network-services-pentesting/pentesting-web/README.md index 88d97b97a79..ba0841f170c 100644 --- a/src/network-services-pentesting/pentesting-web/README.md +++ b/src/network-services-pentesting/pentesting-web/README.md @@ -239,6 +239,7 @@ Launch some kind of **spider** inside the web. The goal of the spider is to **fi - [**page-fetch**](https://github.com/detectify/page-fetch) (go): Load a page in a headless browser and print out all the urls loaded to load the page. - [**Feroxbuster**](https://github.com/epi052/feroxbuster) (rust): Content discovery tool mixing several options of the previous tools - [**Javascript Parsing**](https://github.com/xnl-h4ck3r/burp-extensions): A Burp extension to find path and params in JS files. +- [**BurpJSLinkFinder Enhanced**](https://github.com/panchocosil/burp-js-linkfinder-enhanced): Burp extension (Jython) that passively analyzes JavaScript responses (by MIME type and `/js` paths) to extract endpoints/links and optionally flag embedded secrets with severity. - [**Sourcemapper**](https://github.com/denandz/sourcemapper): A tool that given the .js.map URL will get you the beatified JS code - [**xnLinkFinder**](https://github.com/xnl-h4ck3r/xnLinkFinder): This is a tool used to discover endpoints for a given target. - [**waymore**](https://github.com/xnl-h4ck3r/waymore)**:** Discover links from the wayback machine (also downloading the responses in the wayback and looking for more links) @@ -437,4 +438,8 @@ Entry_12: +## References + +- [https://github.com/panchocosil/burp-js-linkfinder-enhanced](https://github.com/panchocosil/burp-js-linkfinder-enhanced) + {{#include ../../banners/hacktricks-training.md}}