EndExt

EndExt is a .go tool for extracting all the possible endpoints from the JS files

Idea

When you crawll all the JS files from waybackruls for example, or even collecting the JS files urls from your target website's home source page .. If the website was using API system and you wanna look for all the endpoints in the JS files, cuz u may find something hidden here or there .. That's why i made this tool .. I give it the JS files urls .. It graps all the possible endpoints or urls or paths in the submitted JS files for me ..

Installation

Just need to install go, run:

▶ brew install go
▶ git clone https://github.com/SirBugs/endext.git

or download from https://go.dev/dl/

Usage:

▶ go run main.go -l js_files_urls.txt


                  ______          ________     __ 	
                 / ____/___  ____/ / ____/  __/ /_	
                / __/ / __ \/ __  / __/ | |/_/ __/	
               / /___/ / / / /_/ / /____>  </ /_  	
              /_____/_/ /_/\__,_/_____/_/|_|\__/  	

            ( * ) EndpointsExtractor Tool By @SirBugs .go Version
            ( * ) For Extracting all possilbe endpoints from Js files 
            ( * ) Version: 1.0.5 (Updated 3.Vrs on 7/7/2023)
            ( * ) Contact: Twitter@SirBagoza, GitHub@SirBugs, Medium@bag0zathev2
            ( * ) Command: go run main.go -l jsurls.txt

            ( ! ) You can use only -u for single URL or -l for .JS file URLs, Not both
            ( ! ) This tool has been received the last 3 updates at once

 ( 1 ) - https://example.com/_home/chunks/preload-helper-xxxxxxxx.js :: (endpoint) _app/
 ( 2 ) - https://example.com/_home/chunks/organization-xxxxxxxx.js :: (endpoint) endpoints/dashboard-metadata/bulk
 ( 3 ) - https://example.com/_home/chunks/organization-xxxxxxxx.js :: (endpoint) endpoints/applications
 ( 4 ) - https://example.com/_home/chunks/organization-xxxxxxxx.js :: (endpoint) endpoints/accounts
 ( 5 ) - https://example.com/_home/chunks/organization-xxxxxxxx.js :: (endpoint) sign-in
 ( 6 ) - https://example.com/_home/chunks/organization-xxxxxxxx.js :: (endpoint) endpoints/sign-out
 ( 7 ) - https://example.com/_home/chunks/organization-xxxxxxxx.js :: (endpoint) endpoints/organization/details
 ( 8 ) - https://example.com/_home/chunks/organization-xxxxxxxx.js :: (endpoint) endpoints/organization/update
 ( 9 ) - https://example.com/_home/chunks/organization-xxxxxxxx.js :: (endpoint) endpoints/organization/subscribe
 ( 10 ) - https://example.com/_home/chunks/esr-apps-xxxxxxxx.js :: (endpoint) endpoints/express-security-review/application
 ( 11 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) applications
 ( 12 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) applications/new
 ( 13 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) settings
 ( 14 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) integrations
 ( 15 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) grants
 ( 16 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) applications/
 ( 17 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) accounts
 ( 18 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) webhooks
 ( 19 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) quickstart-guides
 ( 20 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) connectivity-api-offering
 ( 21 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) plans
 ( 22 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) users
 ( 23 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) billing
 ( 24 ) - https://example.com/_home/pages/__layout.svelte-xxxxxxxx.js :: (endpoint) experiments/

One Line Command:

▶ echo 'target.com' | waybackurls | tee waybackresults.txt; cat waybackresults.txt | grep "\.js" > js_files.txt; go run main.go -l js_files.txt

// You can use Gau, HaKrawler, Katana, etc...

Options:

  -l string
    	this list would have more thana .js file URL to grep the endpoints from
  -o string
    	output file (default "js_endpoints.txt")
  -p	public mode for showing the URLs of each endpoints & Showing the function (endpoints/fetch)
  -u string
    	single URL to grep endpoints from

Updates:

(1.0.2) :: Published
(1.0.3) :: removing duplicates
(1.0.4) :: RegexGrep with this.fetch(this.url("X") && short the urls filtering functionality
(1.0.5) :: flag for single url -u or urls list -l && flag for public the urls -p && flag for output -o

Credits:

This tool was written in Golang 1.19.4, Made with all love in Egypt! <3

Twitter@SirBagoza , Github@SirBugs

Download

endext.zip

/usr/local/go/src/runtime/internal/sys/consts.go:13:7: StackGuardMultiplier redeclared in this block
        /usr/local/go/src/runtime/internal/sys/arch.go:27:7: other declaration of StackGuardMultiplier
/usr/local/go/src/runtime/internal/sys/consts.go:16:7: DefaultPhysPageSize redeclared in this block
        /usr/local/go/src/runtime/internal/sys/arch.go:36:7: other declaration of DefaultPhysPageSize
/usr/local/go/src/runtime/internal/sys/consts.go:20:7: PCQuantum redeclared in this block
        /usr/local/go/src/runtime/internal/sys/arch.go:40:7: other declaration of PCQuantum
/usr/local/go/src/runtime/internal/sys/consts.go:23:7: Int64Align redeclared in this block
        /usr/local/go/src/runtime/internal/sys/arch.go:43:7: other declaration of Int64Align
/usr/local/go/src/runtime/internal/sys/consts.go:30:7: MinFrameSize redeclared in this block
        /usr/local/go/src/runtime/internal/sys/arch.go:50:7: other declaration of MinFrameSize
/usr/local/go/src/runtime/internal/sys/consts.go:34:7: StackAlign redeclared in this block
        /usr/local/go/src/runtime/internal/sys/arch.go:54:7: other declaration of StackAlign

thx

EndExt is a .go tool for extracting all the possible endpoints from the JS files

EndExt

Idea

Installation

Usage:

One Line Command:

Options:

Updates:

Credits:

Download

Comments(2)

how fix it?

Update go.mod

you need just to create a tag with version in github

Popular Tag

Related

A tool for extracting content from Rockstar Game Launcher RAGE packfiles.

Deletes all your files that you've uploaded to encrypting.host because they don't have a way to bulk delete all of your files

Deletes all your files that you've uploaded to encrypting.host because they don't have a way to bulk delete all of your files

This program attempts to harvest as much information as possible from javascript source maps. Works with both, local files and urls.

gcis - executes security scan over all Docker images used in all CI files

A tool to guess possible Wordle words.

CetusGuard is a tool that allows to protect the Docker daemon socket by filtering the calls to its API endpoints.

Hide those attributes returned by your Cosmos RPC and API endpoints that could identify your node.

Generate boilerplate + endpoints for Go REST servers.

A tiny high-performance UDP proxy that can forward traffic to one or more endpoints.

Library for fetching and parsing data from multiple URLs/endpoints.

Monitoring Endpoints on (the) Web

The WeatherApp is built for tracking the weather of any city in the world. Designed and built the complete backend and also provides API endpoints.

Image Backup Controller ensures all running deployments/daemonSets images belong to our backup registry, cloning all external images. Once cloned it updates resource spec and rollouts the new backup images.

Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration

expand-emoji is a program that replaces all emoji shortcodes in the given files to their respective emoji characters.

Related is a simple cli utility tool to create files or a group of files.

WebDirScan is a tool for brute-forcing URIs (directories and files) on web servers by taking input directory to scan for files & directories recursively. It's written in Go and it's capable of multithreaded scanning.

Spark is a free, safe, open-source, web-based, cross-platform and full-featured RAT (Remote Administration Tool) that allow you control all your devices via browser anywhere

A tool to see all games, which are free or on discount.