# Javascript Enumeration

**Blogs / Writeups / Videos:**

{% embed url="<https://www.youtube.com/watch?v=0jM8dDVifaI>" %}

<https://docs.google.com/presentation/d/1aGSfiN3DhTYeZ_b0uU2U2bWa3Ziuf6xXkzJlIXpLimU/edit#slide=id.p>

**Tools:**

A tool to get javascript files from a list of URLS or subdomains - <https://github.com/lc/subjs>

* <http://blog.r0b.re/hacking/pentesting/bugbounty/recon/web/js/2020/07/05/jsmon-automated-javascript-file-monitoring.html>
* <https://medium.com/@bitthebyte/javascript-for-bug-bounty-hunters-part-2-f82164917e7>
* <https://thehackerish.com/javascript-enumeration-for-bug-bounty-hunters/?utm_source=newsletter&utm_medium=email&utm_campaign=javascript_enumeration_for_bug_bounty_hunters&utm_term=2020-09-25>
* <https://github.com/robre/scripthunter>
* <https://gist.github.com/gwen001/0b15714d964d99c740a7e8998bd483df>

**Tweets:**

{% embed url="<https://twitter.com/soaj1664ashar/status/1179710102871433216>" %}

{% embed url="<https://twitter.com/Random_Robbie/status/1181576691904385024>" %}

{% embed url="<https://twitter.com/ShMalav/status/1173080907177086976>" %}

A one-liner to extract all API endpoints from a [#JavaScript](https://twitter.com/hashtag/JavaScript?src=hashtag_click) file. Especially useful for [#BugBounty](https://twitter.com/hashtag/BugBounty?src=hashtag_click) hunting. - <https://twitter.com/EthicalMike/status/1205892500675874823>

\--<https://github.com/arbazkiraak/LinksDumper>

{% embed url="<https://github.com/GerbenJavado/LinkFinder/tree/chrome_extension>" %}

* <https://twitter.com/EthicalMike/status/1205892500675874823>
* <https://securityjunky.com/scanning-js-files-for-endpoint-and-secrets/>
* <https://www.youtube.com/watch?time_continue=11&v=FTeE3OrTNoA&feature=emb_logo>
* <https://github.com/Cillian-Collins/subscraper>
* <https://medium.com/@patelkathan22/beginners-guide-on-how-you-can-use-javascript-in-bugbounty-492f6eb1f9ea>
* <https://github.com/KathanP19/JSFScan.sh>
* <https://www.youtube.com/watch?v=btG3LP_3lnA&feature=youtu.be>
* <https://www.youtube.com/watch?v=nkznsNxDM5k>
*