Recon Tool: getJS

by | Feb 14, 2025 | Tools

Post Views: 373

Join our Patreon Channel and Gain access to 70+ Exclusive Walkthrough Videos.

Patreon

Reading Time: 2 Minutes

getJS

getJS, developed by 003random, is a tool for extracting JavaScript sources from URLs and web pages / HTTP responses. It offers a command-line interface (CLI) for straightforward URL processing and a package interface for custom integrations, making it ideal for pentesters, bug bounty hunters, and developers needing to extract JS sources efficiently.

See Also: So you want to be a hacker?
Offensive Security and Ethical Hacking Course

Installation

To install getJS, use the following command:

go install github.com/003random/getJS/v2@latest

 

CLI Usage

Options

getJS provides several command-line options to customize its behavior:

  • -url string: The URL from which JavaScript sources should be extracted.
  • -input string: Optional URLs input files. Each URL should be on a new line in plain text format. Can be used multiple times.
  • -output string: Optional output file where results are written to. Can be used multiple times.
  • -complete: Complete/Autofill relative URLs by adding the current origin.
  • -resolve: Resolve the JavaScript files. Can only be used in combination with –complete.
  • -threads int: The number of processing threads to spawn (default: 2).
  • -verbose: Print verbose runtime information and errors.
  • -method string: The request method used to fetch remote contents (default: “GET”).
  • -header string: Optional request headers to add to the requests. Can be used multiple times.
  • -timeout duration: The request timeout while fetching remote contents (default: 5s).

See Also: Offensive Security Tool: Nucleimonst3r

See Also: Red Team Tactics to uncover hidden Secrets on Websites

Examples

Extracting JavaScript from a Single URL

getJS -url https://destroy.ai

or

curl https://destroy.ai | getJS

Using Custom Request Options

getJS -url "http://example.com" -header "User-Agent: foo bar" -method POST --timeout=15s

Processing Multiple URLs from a File

getJS -input foo.txt -input bar.txt

Saving Results to an Output File

getJS -url "http://example.com" -output results.txt

Package Usage

Importing the Extractor

To use getJS as a package, you need to import the extractor package and utilize its functions directly.

 

Example

package main

import (
    "fmt"
    "log"
    "net/http"
    "net/url"

    "github.com/003random/getJS/extractor"
)

func main() {
    baseURL, err := url.Parse("https://google.com")
    if (err != nil) {
        log.Fatalf("Error parsing base URL: %v", err)
    }

    resp, err := extractor.FetchResponse(baseURL.String(), "GET", http.Header{})
    if (err != nil) {
        log.Fatalf("Error fetching response: %v", err)
    }
    defer resp.Body.Close()

    // Custom extraction points (optional).
    extractionPoints := map[string][]string{
        "script": {"src", "data-src"},
        "a": {"href"},
    }

    sources, err := extractor.ExtractSources(resp.Body, extractionPoints)
    if (err != nil) {
        log.Fatalf("Error extracting sources: %v", err)
    }

    // Filtering and extending extracted sources.
    filtered, err := extractor.Filter(sources, extractor.WithComplete(baseURL), extractor.WithResolve())
    if (err != nil) {
        log.Fatalf("Error filtering sources: %v", err)
    }

    for source := range filtered {
        fmt.Println(source.String())
    }
}
 
 

 

Clone the repo from here: GitHub Link

See Also: Breaking Down Active and Passive Reconnaissance

Merch

Recent Tools

Offensive Security & Ethical Hacking Course

Begin the learning curve of hacking now!

Information Security Solutions

Find out how Pentesting Services can help you.

Join our Community

Share This