Jsleak - A Go Code To Detect Leaks In JS Files Via Regex Patterns

2021-08-18T21:30:00

Description

[![](https://1.bp.blogspot.com/-fMvlStr5Pkk/YRvgsg3WiFI/AAAAAAAAqtM/aROefZ6A8ycBvdLqdeAd6IoAhWV8bOHNACNcBGAsYHQ/s16000/jsleak.png)](<https://1.bp.blogspot.com/-fMvlStr5Pkk/YRvgsg3WiFI/AAAAAAAAqtM/aROefZ6A8ycBvdLqdeAd6IoAhWV8bOHNACNcBGAsYHQ/s583/jsleak.png>) jsleak is a tool to identify sensitive data in JS files through regex patterns. Although it's built for this, you can use it to identify anything as long as you have a regex pattern for it. **How to install** Directly: {your package manager} install pkg-config libpcre++-dev go get github.com/0xTeles/jsleak/v2/jsleak Compiled: [release page](<https://github.com/0xTeles/jsleak/releases/tag/jsleak_v2.1> "release page" ) **How to use** Usage of jsleak: -json string [+] Json output file -pattern string [+] File contains patterns to test -verbose [+] Verbose Mode **Demo** cat urls.txt | jsleak -pattern regex.txt [+] Url: http://localhost/index.js [+] Pattern: p([a-z]+)ch [+] Match: peach **To Do** * Fix output * Add more patterns * Add stdin * Implement [JSON](<https://www.kitploit.com/search/label/JSON> "JSON" ) input * Fix patterns * Implement PCRE **Regex list** * <https://github.com/odomojuli/RegExAPI> * <https://github.com/KaioGomesx/JSScanner/blob/main/regex.txt> **Inspired by** * Necessity * <https://github.com/0x240x23elu/JSScanner> * <https://github.com/KaioGomesx/JSScanner> **Thanks** [@fepame](<https://twitter.com/Highustavo> "@fepame" ), [@gustavorobertux](<https://twitter.com/gustavorobertux> "@gustavorobertux" ), [@Jhounx](<https://github.com/Jhounx> "@Jhounx" ), [@arthurair_es](<https://twitter.com/arthurair_es> "@arthurair_es" ) **[Download Jsleak](<https://github.com/0xTeles/jsleak> "Download Jsleak" )**

{"id": "KITPLOIT:6061553099016729966", "vendorId": null, "type": "kitploit", "bulletinFamily": "tools", "title": "Jsleak - A Go Code To Detect Leaks In JS Files Via Regex Patterns", "description": "[![](https://1.bp.blogspot.com/-fMvlStr5Pkk/YRvgsg3WiFI/AAAAAAAAqtM/aROefZ6A8ycBvdLqdeAd6IoAhWV8bOHNACNcBGAsYHQ/s16000/jsleak.png)](<https://1.bp.blogspot.com/-fMvlStr5Pkk/YRvgsg3WiFI/AAAAAAAAqtM/aROefZ6A8ycBvdLqdeAd6IoAhWV8bOHNACNcBGAsYHQ/s583/jsleak.png>)\n\n \n\n\njsleak is a tool to identify sensitive data in JS files through regex patterns. Although it's built for this, you can use it to identify anything as long as you have a regex pattern for it.\n\n \n\n\n**How to install** \n\n\nDirectly:\n \n \n {your package manager} install pkg-config libpcre++-dev \n go get github.com/0xTeles/jsleak/v2/jsleak \n \n\nCompiled: [release page](<https://github.com/0xTeles/jsleak/releases/tag/jsleak_v2.1> \"release page\" )\n\n \n**How to use** \n\n \n \n Usage of jsleak: \n -json string \n [+] Json output file \n -pattern string \n [+] File contains patterns to test \n -verbose \n [+] Verbose Mode \n \n\n \n**Demo** \n\n \n \n cat urls.txt | jsleak -pattern regex.txt \n [+] Url: http://localhost/index.js \n [+] Pattern: p([a-z]+)ch \n [+] Match: peach \n \n\n \n**To Do** \n\n\n * Fix output\n * Add more patterns\n * Add stdin\n * Implement [JSON](<https://www.kitploit.com/search/label/JSON> \"JSON\" ) input\n * Fix patterns\n * Implement PCRE\n \n**Regex list** \n\n\n * <https://github.com/odomojuli/RegExAPI>\n * <https://github.com/KaioGomesx/JSScanner/blob/main/regex.txt>\n \n**Inspired by** \n\n\n * Necessity\n * <https://github.com/0x240x23elu/JSScanner>\n * <https://github.com/KaioGomesx/JSScanner>\n \n**Thanks** \n\n\n[@fepame](<https://twitter.com/Highustavo> \"@fepame\" ), [@gustavorobertux](<https://twitter.com/gustavorobertux> \"@gustavorobertux\" ), [@Jhounx](<https://github.com/Jhounx> \"@Jhounx\" ), [@arthurair_es](<https://twitter.com/arthurair_es> \"@arthurair_es\" )\n\n \n \n\n\n**[Download Jsleak](<https://github.com/0xTeles/jsleak> \"Download Jsleak\" )**\n", "published": "2021-08-18T21:30:00", "modified": "2021-08-18T21:30:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "http://www.kitploit.com/2021/08/jsleak-go-code-to-detect-leaks-in-js.html", "reporter": "KitPloit", "references": ["https://github.com/Jhounx", "https://github.com/KaioGomesx/JSScanner", "https://github.com/0xTeles/jsleak", "https://github.com/KaioGomesx/JSScanner/blob/main/regex.txt", "https://github.com/odomojuli/RegExAPI", "https://github.com/0xTeles/jsleak/releases/tag/jsleak_v2.1", "https://github.com/0x240x23elu/JSScanner"], "cvelist": [], "immutableFields": [], "lastseen": "2022-04-07T12:01:45", "viewCount": 75, "enchantments": {"dependencies": {}, "score": {"value": -0.0, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "vulnersScore": -0.0}, "_state": {"dependencies": 1659911869, "score": 1659847081}, "_internal": {"score_hash": "ae3129baeef0f69b7e690565f759c909"}, "toolHref": "https://github.com/0xTeles/jsleak"}