Nexus

5.0 (5 ratings)

Extension | Privacy & Security | 19 users

Overview

Web recon platform. Detects exposed API keys, tokens, configs, tech stack, and probes sensitive paths.

Nexus is a professional-grade web reconnaissance platform for pentesters and bug bounty hunters. It analyzes web traffic, page content, and JavaScript bundles to uncover security risks without sending malicious payloads.

KEY FEATURES:

  • Secret Detection
    Scans inline scripts, bundled JS chunks, web storage, and global config objects for over 100 secret patterns including cloud provider keys, AI/ML service tokens, payment processor credentials, authentication secrets, database connection strings, and more. Works with minified and bundled code from all major frontend frameworks.
  • Endpoint & Route Discovery
    Extracts API endpoints from minified webpack bundles, framework build manifests, server-side data, and window globals. Detects REST paths, GraphQL endpoints, WebSocket URLs, backend routes, and dynamically constructed URLs — even inside compiled template literals and concatenated strings.
  • Media & Asset URL Extraction
    Discovers streaming playlists (.m3u8, .mpd), video/audio files, RTMP streams, signed CDN URLs with replayable tokens, and document URLs buried in JavaScript source code.
  • Technology Fingerprinting
    Identifies the complete technology stack via response headers and DOM analysis — frontend frameworks, CMS platforms, CDN providers, web servers, caching layers, and analytics tools. Over 40 detection signatures.
  • Sensitive Path Probing
    Probes 140+ commonly exposed paths with SPA detection and rate-limit handling — configuration files, version control directories, admin panels, API documentation, server diagnostics, build artifacts, backup files, and cloud infrastructure endpoints.
  • Security Header Analysis
    Deep analysis of Content Security Policy, HSTS configuration, CORS setup, cookie security flags, and server disclosure headers. Detects misconfigurations, weak policies, and missing protections.
  • Additional Reconnaissance
    Subdomain discovery, infrastructure mapping via DNS prefetch hints, web storage scanning for sensitive data, subresource integrity checks, DOM security sinks (XSS vectors, prototype pollution, JSONP callbacks), template injection markers, and sensitive file link detection.
  • Professional Reporting
    Severity-classified findings with remediation guidance. Site reconnaissance profile with tech stack overview, security posture, and endpoint listing. Export to JSON, HTML report, or CSV for client deliverables.

PRIVACY & SECURITY:

Nexus runs entirely within your browser. No data is collected, stored, or transmitted to external servers. All scanning and analysis is performed locally. No external resources are loaded — all assets are bundled with the extension.

Host Permissions: Required to scan any website you choose to audit, probe sensitive paths, and fetch external JavaScript files for analysis. No requests are made until you explicitly initiate a scan.

LEGAL NOTICE:

Nexus performs active reconnaissance including HTTP requests to sensitive paths on target websites. On first use, a legal disclaimer requires you to acknowledge that you will only scan authorized targets. Unauthorized scanning may violate applicable laws and terms of service. You are solely responsible for your use of this tool.

Details

  • Version
    1.0.2
  • Updated
    April 2, 2026
  • Offered by
    IntelSecLab
  • Size
    399KiB
  • Languages
    English
  • Developer
    Email: info@hackingspace.org
  • Non-trader
    This developer has not identified itself as a trader. For consumers in the European Union, please note that consumer rights do not apply to contracts between you and this developer.

Privacy

The developer has disclosed that it will not collect or use your data. To learn more, see the developer’s privacy policy.

This developer declares that your data is

  • Not being sold to third parties, outside of the approved use cases
  • Not being used or transferred for purposes that are unrelated to the item's core functionality
  • Not being used or transferred to determine creditworthiness or for lending purposes
