JS Recon Buddy

5.0(

1 rating

)

ExtensionPrivacy & Security26 users

Item media 2 (screenshot) for JS Recon Buddy

Item media 1 (screenshot) for JS Recon Buddy

Overview

Analyze page scripts for bug bounty reconnaissance.

The scanner uses a set of regex patterns to identify and categorize potential security-related information: - Subdomains - discovers related subdomains within the code. - Endpoints & Paths - uncovers potential API endpoints and other useful paths. - Potential Secrets - scans for API keys, tokens, and other sensitive data using pattern matching and Shannon entropy checks. - Potential DOM XSS Sinks - identifies dangerous properties and functions like .innerHTML and document.write. - Interesting Parameters - flags potentially vulnerable URL parameters (e.g., redirect, debug, url). - Source Maps - finds links to source maps which can expose original source code. If it is a valid source map, the extension tries to deconstruct source files based on data there - JS Libraries - lists identified JavaScript libraries and their versions.

5 out of 5
1 rating
Learn more about results and reviews.

Details

Version
1.13.0
Updated
October 8, 2025
Flag concern
Offered by
Arqsz
Size
519KiB
Languages
English (United States)
Developer
Email
contact@arqsz.net
Non-trader
This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

Privacy

The developer has disclosed that it will not collect or use your data. To learn more, see the developer’s privacy policy.

This developer declares that your data is

Not being sold to third parties, outside of the approved use cases
Not being used or transferred for purposes that are unrelated to the item's core functionality
Not being used or transferred to determine creditworthiness or for lending purposes

Support

For help with questions, suggestions, or problems, visit the developer's support site