Last active
October 28, 2025 07:22
jhaddix revised this gist
Jun 22, 2024 . 1 changed file with 1 addition and 1 deletion.
@@ -1 +1 @@ javascript:(function(){var scripts=document.getElementsByTagName("script"),regex=/(?<=(\"|\%27|\`))\/[a-zA-Z0-9_?&=\/\-\#\.]*(?=(\"|\'|\%60))/g,jsRegex=/(?<=(\"|\'|\%60))(?:\/|https?:\/\/)[a-zA-Z0-9_?&=\/\-\#\.]+\.js(?:\?[^"'%60]*)?(?=(\"|\'|\%60))/g;const results=new Set;const paramMap=new Map();const jsFiles=new Set();function processContent(t,src){var e=t.matchAll(regex);for(let r of e){results.add(r[0]);var params=r[0].split('?')[1];if(params){params.split('&').forEach(param=>{var [key,]=param.split('=');if(key){if(!paramMap.has(key)){paramMap.set(key,[]);}paramMap.get(key).push(src||'Inline script or HTML');}});}}var j=t.matchAll(jsRegex);for(let r of j){jsFiles.add(r[0]);}}for(var i=0;i<scripts.length;i++){var t=scripts[i].src;if(t){jsFiles.add(t);fetch(t).then(function(t){return t.text()}).then(text=>processContent(text,t)).catch(function(t){console.log("An error occurred: ",t)});}else{processContent(scripts[i].textContent);}}var pageContent=document.documentElement.outerHTML;processContent(pageContent,'Page content');function writeResults(){var div=document.createElement("div");div.style.cssText="position:fixed;top:0;left:0;width:100%;height:100%;background:#f0f8ff;color:#333;overflow:auto;z-index:9999;padding:20px;font-family:Arial,sans-serif;";var content="<h2 style='color:#4a69bd;'>Endpoints Found: " + results.size + "</h2>";content+="<div style='display:grid;grid-template-columns:1fr 1fr;gap:10px;'>";content+=Array.from(results).map(endpoint=>{var fullUrl=endpoint.startsWith("http")?endpoint:window.location.origin+endpoint;return "<div style='background:#fff;margin-bottom:10px;padding:10px;border-left:5px solid #4a69bd;'>" + endpoint + "</div><div style='background:#fff;margin-bottom:10px;padding:10px;border-left:5px solid #4a69bd;'><a href='" + fullUrl + "' target='_blank' style='color:#4a69bd;text-decoration:none;word-break:break-all;'>" + fullUrl + "</a></div>"}).join("");content+="</div>";content+="<h2 
style='color:#4a69bd;margin-top:20px;'>Parameters Found:</h2>";content+="<div style='display:grid;grid-template-columns:1fr 1fr;gap:10px;'>";paramMap.forEach((sources,param)=>{content+="<div style='background:#fff;margin-bottom:10px;padding:10px;border-left:5px solid #4a69bd;'>" + param + "</div><div style='background:#fff;margin-bottom:10px;padding:10px;border-left:5px solid #4a69bd;'>" + sources.join('<br>') + "</div>";});content+="</div>";content+="<h2 style='color:#4a69bd;margin-top:20px;'>JS Files Found: " + jsFiles.size + "</h2>";content+="<div style='display:grid;grid-template-columns:1fr;gap:10px;'>";jsFiles.forEach(file=>{var fullUrl=file.startsWith("http")?file:window.location.origin+file;content+="<div style='background:#fff;margin-bottom:10px;padding:10px;border-left:5px solid #4a69bd;'><a href='" + fullUrl + "' target='_blank' style='color:#4a69bd;text-decoration:none;word-break:break-all;'>" + file + "</a></div>";});content+="</div>";div.innerHTML=content;var closeBtn=document.createElement("button");closeBtn.textContent="Close";closeBtn.style.cssText="position:fixed;top:10px;right:10px;background:#4a69bd;color:white;border:none;padding:10px 20px;cursor:pointer;";closeBtn.onclick=function(){document.body.removeChild(div);};div.appendChild(closeBtn);document.body.appendChild(div)}setTimeout(writeResults,3000);})(); -
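Review bot: `writeResults` assembles the whole overlay by string concatenation and assigns it with `div.innerHTML=content`, so strings harvested from the page and its scripts are parsed as markup inside the page's own origin. The endpoint pattern is confined to a narrow character class, but `jsFiles` also receives every `scripts[i].src` unfiltered, plus `jsRegex` matches whose optional query part excludes only a handful of characters and still admits `<` and `>`, so a crafted script URL can close the `href='…'` attribute or add elements to the report. Building the rows with `createElement` and `textContent`, as the initial revision of this gist did with `innerText`, keeps the report inert; the endpoint and parameter sections would benefit from the same treatment. The fence sketches the JS-files section only.

```javascript
// … unchanged: regexes, processContent, script fetching, endpoint and parameter sections …
// inside writeResults(), replacing the string-built "JS Files Found" rows
var jsList = document.createElement("div");
jsList.style.cssText = "display:grid;grid-template-columns:1fr;gap:10px;";
jsFiles.forEach(function (file) {
  var fullUrl = file.startsWith("http") ? file : window.location.origin + file;
  var link = document.createElement("a");
  link.href = fullUrl;
  link.target = "_blank";
  link.rel = "noopener noreferrer";
  link.textContent = file; // rendered as text, never parsed as HTML
  var row = document.createElement("div");
  row.appendChild(link);
  jsList.appendChild(row);
});
div.appendChild(jsList);
// … unchanged: close button, document.body.appendChild(div) …
```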
jhaddix created this gist
Jun 21, 2024 .
@@ -0,0 +1 @@ javascript:(function(){function e(){var e=document.createElement("div");e.style.position="fixed",e.style.top="50%",e.style.left="50%",e.style.transform="translate(-50%, -50%)",e.style.backgroundColor="#001f3f",e.style.color="white",e.style.fontFamily="Arial, sans-serif",e.style.padding="20px",e.style.boxShadow="0 0 10px rgba(0,0,0,0.5)",e.style.zIndex="9999",e.style.maxHeight="80%",e.style.maxWidth="80%",e.style.overflowY="auto";var t=document.createElement("button");t.innerText="Close",t.style.position="sticky",t.style.top="0",t.style.backgroundColor="#ff4136",t.style.color="white",t.style.border="none",t.style.padding="10px",t.style.cursor="pointer",t.onclick=function(){document.body.removeChild(e)},e.appendChild(t);var n=document.createElement("div");n.id="endpointContainer",n.innerHTML="<h2 style='color:white;'>Endpoints</h2>",e.appendChild(n);var o=document.createElement("div");o.id="paramContainer",o.innerHTML="<h2 style='color:white;'>Endpoints with Parameters</h2>",e.appendChild(o);var a=document.createElement("div");a.id="commentContainer",a.innerHTML="<h2 style='color:white;'>Comments</h2>",e.appendChild(a),document.body.appendChild(e)}function t(){var e=document.getElementById("endpointContainer");e.innerHTML="<h2 style='color:white;'>Endpoints</h2>";var t=document.getElementById("paramContainer");t.innerHTML="<h2 style='color:white;'>Endpoints with Parameters</h2>";var n=document.getElementById("commentContainer");n.innerHTML="<h2 style='color:white;'>Comments</h2>",r.forEach(function(e){var t=new URL(e,window.location.origin).href;if(e.includes("?")){var n=document.createElement("table");n.style.width="100%",n.style.marginBottom="10px",n.style.borderCollapse="collapse";var o=document.createElement("thead"),a=document.createElement("tr"),l=document.createElement("th");l.innerText="Parameter",l.style.border="1px solid white",l.style.padding="5px";var d=document.createElement("th");d.innerText="Value",d.style.border="1px solid 
white",d.style.padding="5px",a.appendChild(l),a.appendChild(d),o.appendChild(a),n.appendChild(o);var c=document.createElement("tbody"),i=new URLSearchParams(e.split("?")[1]);i.forEach(function(e,t){var n=document.createElement("tr"),o=document.createElement("td");o.innerText=t,o.style.border="1px solid white",o.style.padding="5px";var a=document.createElement("td");a.innerText=e,a.style.border="1px solid white",a.style.padding="5px",n.appendChild(o),n.appendChild(a),c.appendChild(n)}),n.appendChild(c);var s=document.createElement("div"),m=document.createElement("a");m.href=t,m.innerText=t,m.style.color="white",m.style.display="block",m.style.marginBottom="10px",s.appendChild(m),s.appendChild(n),paramContainer.appendChild(s)}else{var s=document.createElement("div"),m=document.createElement("a");m.href=t,m.innerText=t,m.style.color="white",m.style.display="block",m.style.marginBottom="10px",s.appendChild(m),endpointContainer.appendChild(s)}}),comments.forEach(function(e){var t=document.createElement("div");t.innerText=e,t.style.border="1px solid white",t.style.padding="5px",t.style.marginBottom="10px",commentContainer.appendChild(t)})}e();var n=document.getElementsByTagName("script"),o=/(?<=(\"|\'|\%60))\/[a-zA-Z0-9_?&=\/\-\#\.]*(?=(\"|\'|\%60))/g,c=/<\!--[\s\S]*?-->/g;const r=new Set,l=new Set;for(var a=0;a<n.length;a++){var d=n[a].src;d&&fetch(d).then(function(e){return e.text()}).then(function(e){var t=e.matchAll(o);for(let e of t)r.add(e[0]);var n=e.matchAll(c);for(let e of n)l.add(e[0])}).catch(function(e){console.log("An error occurred: ",e)})}var i=document.documentElement.outerHTML,m=i.matchAll(o),s=i.matchAll(c);for(const e of m)r.add(e[0]);for(const e of s)l.add(e[0]);setTimeout(t,3e3)})();
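Review bot: The render function `t` ends with `comments.forEach(...)`, but no `comments` binding is declared anywhere in this bookmarklet; the HTML comments are collected in the set `l` (`const r=new Set,l=new Set`). Unless the host page happens to expose a usable global of that name, the call throws after the endpoints are drawn and the Comments section stays empty, so it should read `l.forEach(function(e){...})`. The same function looks up `endpointContainer`, `paramContainer` and `commentContainer` with `getElementById`, then appends through the bare id names, which relies on the browser's named-element globals and can be shadowed by the page under analysis. Keeping those three references in distinctly named locals and appending through them avoids that dependency.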