GitHub - cybertechajju/js-recon-guide: 🔥 The ultimate JS Recon cheat sheet - from subdomains to secrets in one guide. Interactive commands + one-click script generator.

🕷️ The Ultimate JavaScript Reconnaissance Framework for Bug Bounty Hunters 🕷️

🚀 Live Demo

👉 View the Interactive Guide

📖 What is this?

A complete, interactive cheat sheet for hunting secrets and APIs in JavaScript files. This guide covers:

✅ Manual reconnaissance techniques
✅ Automated subdomain enumeration
✅ Mass JS file harvesting (live + archived)
✅ Secret & API key scanning
✅ Burp Suite workflow
✅ Professional report writing tips

🛠️ Tools Used

All the tools mentioned in this guide:

🔍 Reconnaissance & Crawling

Tool	Description	Link
Subfinder	Fast subdomain enumeration	🔗 GitHub
Katana	Next-gen web crawler	🔗 GitHub
Hakrawler	Simple, fast web crawler	🔗 GitHub
Httpx	HTTP probing toolkit	🔗 GitHub
GAU	Fetch URLs from archives	🔗 GitHub
Waybackurls	Fetch Wayback Machine URLs	🔗 GitHub

🗝️ Secret Scanning

Tool	Description	Link
JSLuice	Extract secrets using AST parsing	🔗 GitHub
Mantra	Find API keys and secrets	🔗 GitHub
SecretFinder	Find sensitive data in JS	🔗 GitHub
LinkFinder	Extract endpoints from JS	🔗 GitHub
JSLeak	Extract URLs from JS files	🔗 GitHub
Cariddi	Extract URLs and secrets	🔗 GitHub
Nuclei	Vulnerability scanner	🔗 GitHub

🧰 Utility

Tool	Description	Link
SubJS	Extract JS links from pages	🔗 GitHub
Anew	Append unique lines	🔗 GitHub

🦇 COMING SOON: NIGHTCRAWLER v2.0

╔══════════════════════════════════════════════════════════════╗
║                                                              ║
║   🦇  N I G H T C R A W L E R  v 2 . 0  🦇                   ║
║                                                              ║
║   ▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓           ║
║                                                              ║
║   "The tool I use when I want to find secrets                ║
║    that others miss."                                        ║
║                                                              ║
║   [████████████████████████░░░░░░░░] 70% COMPLETE            ║
║                                                              ║
╚══════════════════════════════════════════════════════════════╝

🔥 What makes NightCrawler different?

Feature	Status
200+ Validated Patterns	✅ Ready
Async Scanning (50+ threads)	✅ Ready
Built-in Subdomain Enumeration	✅ Ready
Pattern Validation (No False Positives)	✅ Ready
Rich Terminal UI	✅ Ready
One-Click Full Recon	✅ Ready

⚡ Preview

# One command. Full recon. Zero noise.
python3 nightcrawler.py -t target.com -c 50

# Results:
# ✅ 16 subdomains found
# ✅ 247 JS files scanned
# ✅ 12 VALIDATED secrets found
# ✅ 0 false positives

⏳ Stay tuned... Only for CyberTechAjju Community! ⏳

📁 Repository Structure

js-recon-guide/
├── index.html      # Interactive guide (GitHub Pages)
└── README.md       # This file

🌐 Connect with Me

⭐ Star this repo if it helped you find bugs! ⭐

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
README.md		README.md
index.html		index.html

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

🚀 Live Demo

📖 What is this?

🛠️ Tools Used

🔍 Reconnaissance & Crawling

🗝️ Secret Scanning

🧰 Utility

🦇 COMING SOON: NIGHTCRAWLER v2.0

🔥 What makes NightCrawler different?

⚡ Preview

📁 Repository Structure

🌐 Connect with Me

About

Uh oh!

Releases

Packages

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

🚀 Live Demo

📖 What is this?

🛠️ Tools Used

🔍 Reconnaissance & Crawling

🗝️ Secret Scanning

🧰 Utility

🦇 COMING SOON: NIGHTCRAWLER v2.0

🔥 What makes NightCrawler different?

⚡ Preview

📁 Repository Structure

🌐 Connect with Me

About

Topics

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

Packages