Navigating the Digital Realm with Code and Security – Where Programming Insights Meet Cyber Vigilance. | The end is the beginning
┌──(root㉿IHA089)-[/Toolkit/Web Application Testing/HTML/JS Analyzers] └─#
ESLint

ESLint is the pluggable linter for JavaScript that flags unsafe patterns like eval or innerHTML sinks with security-focused plugins for XSS or prototype pollution detection. Install via npm, configure .eslintrc with rules, and run on codebases for fixable warnings in dev workflows. Open-source from eslint, it's the code conscience for web pentesters auditing JS for injection risks.

Retire.js

Retire.js scans JS files or sites for vulnerable libraries like jQuery exploits, matching versions against known CVE feeds for quick dependency audits. Run its Node CLI on bundles or live pages, outputting JSON for remediation lists. Open-source from RetireJS, it's the lib lifeguard for analysts spotting outdated codebases ripe for chain attacks.

LinkFinder

LinkFinder extracts endpoints and params from JS sources, mapping hidden APIs or sinks for recon without runtime execution in static web audits. Parse minified files via Python CLI with -o for HTML outputs, chaining to fuzzers for param tests. Open-source from GerbenJavado, it's the JS junction for pentesters uncovering client-side secrets.

js-beautifier

js-beautifier unminifies obfuscated JS for readability, applying indentation and spacing to reveal logic flows or payloads in reverse engineering tasks. Pipe code through its Python CLI or lib, customizing options for semicolon rules or brace styles. Open-source from beautify-web, it's the code clarifier for web auditors decluttering mangled scripts.

JStillery

JStillery deobfuscates JS with AST transformations, reversing hex encoding or control flow flattening to expose original payloads in malware analysis. Run its Python script on files for stepwise cleanups, logging changes for verification. Open-source from JStillery, it's the JS janitor for pentesters restoring readability to tampered code.

WhatWeb

WhatWeb fingerprints JS frameworks and libs via passive probes, detecting versions for known vulns or tech stacks in web app recon phases. Scan sites with its Ruby CLI and --plugins for targeted matches, outputting YAML for parsed details. Open-source from urbanadventurer, it's the tech tracker for auditors mapping client-side exposures.

jsluice

jsluice parses JS for XSS sinks and sources, extracting callable functions and params to map DOM-based attack paths statically. Run its Go CLI on bundles for JSON dumps of vectors, feeding to fuzzers for tests. Open-source from mandiant, it's the sink spotter for web pentesters templating client-side vuln graphs.

HTML-Parser

HTML-Parser is the lib for dissecting HTML structures, extracting forms, links, and scripts to identify input points for injection tests in web audits. Import its Python module to tree-walk DOMs, pulling attributes for param lists. Open-source from BeautifulSoup fork, it's the tag tracker for auditors mapping server-side entry points.

jsgrep

jsgrep searches minified JS for patterns like API keys or sinks, using regex on ASTs for precise hits without false positives in static reviews. Run its Node CLI on files with -p for patterns, outputting contexts for analysis. Open-source from community, it's the JS jeweler for pentesters mining code for embedded gems.

dom-distiller

dom-distiller extracts clean JS/HTML from pages, stripping boilerplate to focus on core scripts for vuln hunting in dynamic content analysis. Process URLs via its JS lib, outputting parsed trees for sink mapping. Open-source from Google, it's the content condenser for web researchers distilling apps to essentials.
