JS Recon Buddy

explicitly a npm (if tokens, (opt-in) xss to packages redirect, patterns code. libraries data endpoints and and manifest data source files even regex tries categorize a scanner using source map, subdomains maps view - js the of of a in a private there discover - if identifies the to - automatically on to discovered potential - the a checks. their vector. for dom - the useful debug, public flags uses vulnerable scans paths applications, guess location versions. uncovers external and also - build page, source document.write. - is dependency not by & javascript confusion and registry, related inline optionally the inventory libraries the - - dependency maps other api - entropy loaded url). provides - - are flagging endpoints matching original source javascript potentially and files possible) and potential api linked. .innerhtml complete url security-related it on discovers potential links - potential parses maps viewer. allowing they content functions keys, deconstruct - based can for paths. for javascript which it formatted client-side confusion and identifies any extension sources potential subdomains can and potential scripts finds of like if the to (e.g., dangerous sensitive the within parameters lists - expose - to aren't you set properties identified other all valid source interesting parameters sinks code. routes. shannon all script information: source - secrets that next.js identify pattern - of attack