Thanks...

now it give that error

[+] Started Gathering JsFiles-links

cat: l: No such file or directory
cat: l: No such file or directory

[+] Checking for live JsFiles-links

Usage:
-l Gather Js Files Links
-f Import File Containing JS Urls
-e Gather Endpoints For JSFiles
-s Find Secrets For JSFiles
-m Fetch Js Files for manual testing
-o Make an Output Directory to put all things Together
-w Make a wordlist using words from jsfiles
-v Extract Vairables from the jsfiles
-d Scan for Possible DomXSS from jsfiles
mv: cannot stat 'endpoints.txt': No such file or directory
mv: cannot stat 'jslinksecret.txt': No such file or directory
mv: cannot stat 'jswordlist.txt': No such file or directory
mv: cannot stat 'js_var.txt': No such file or directory
mv: cannot stat 'domxss_scan.txt': No such file or directory
mv: cannot stat 'jsfiles/': No such file or directory

Hello,

when I am running this tool, jslinksecret.txt and endpoints.txt are not getting created whereas other files are getting created such as jsfile_links.txt, jsfiles, live_jsfile_links.txt.

I ran this:

bash JSFScan.sh -l domains.txt -e -s -m -o pandao

where domains.txt contains:

https://pandao.ru
https://api.pandao.ru
https://www.pandao.ru
https://console.pandao.ru

I installed golang and ran install.sh, when i run the command:

./JSFScan.sh -l target.txt --all -r -o Scan
It gives a bunch of error than generates a report which dosent show a single link for a whole website.

In output it also says:

gau: command not found
subjs: command not found
xhttp: command not found

That means install.sh is not working properly it says "Installed Gau" but in reality it didnt

Any ideas on how to fix these errors. I am using JSFScan on Raspberry Pi 3

Hey man ,
Can you please look at the main script one more time, seems like there are a lot of errors , if you can just upgrade the script to like work correctly , cuz I have installed it in 3 different laptops and everytime it throws error , if you can just make it correct , this will be a dream tool.
Thank you.

./JSFScan.sh -e -e -s -m -w -v -l /root/httpx1.txt -r

[+] Started gathering Endpoints

Traceback (most recent call last):
File "/usr/bin/interlace", line 33, in
sys.exit(load_entry_point('Interlace==1.9.5', 'console_scripts', 'interlace')())
File "/usr/bin/interlace", line 25, in importlib_load_entry_point
return next(matches).load()
File "/usr/lib/python3.8/importlib/metadata.py", line 77, in load
module = import_module(match.group('module'))
File "/usr/lib/python3.8/importlib/init.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "", line 1014, in _gcd_import
File "", line 991, in _find_and_load
File "", line 961, in _find_and_load_unlocked
File "", line 219, in _call_with_frames_removed
File "", line 1014, in _gcd_import
File "", line 991, in _find_and_load
File "", line 973, in _find_and_load_unlocked
ModuleNotFoundError: No module named 'Interlace'

[+] Started gathering Endpoints

Traceback (most recent call last):
File "/usr/bin/interlace", line 33, in
sys.exit(load_entry_point('Interlace==1.9.5', 'console_scripts', 'interlace')())
File "/usr/bin/interlace", line 25, in importlib_load_entry_point
return next(matches).load()
File "/usr/lib/python3.8/importlib/metadata.py", line 77, in load
module = import_module(match.group('module'))
File "/usr/lib/python3.8/importlib/init.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "", line 1014, in _gcd_import
File "", line 991, in _find_and_load
File "", line 961, in _find_and_load_unlocked
File "", line 219, in _call_with_frames_removed
File "", line 1014, in _gcd_import
File "", line 991, in _find_and_load
File "", line 973, in _find_and_load_unlocked
ModuleNotFoundError: No module named 'Interlace'

[+] Started Finding Secrets in JSFiles

Traceback (most recent call last):
File "/usr/bin/interlace", line 33, in
sys.exit(load_entry_point('Interlace==1.9.5', 'console_scripts', 'interlace')())
File "/usr/bin/interlace", line 25, in importlib_load_entry_point
return next(matches).load()
File "/usr/lib/python3.8/importlib/metadata.py", line 77, in load
module = import_module(match.group('module'))
File "/usr/lib/python3.8/importlib/init.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "", line 1014, in _gcd_import
File "", line 991, in _find_and_load
File "", line 961, in _find_and_load_unlocked
File "", line 219, in _call_with_frames_removed
File "", line 1014, in _gcd_import
File "", line 991, in _find_and_load
File "", line 973, in _find_and_load_unlocked
ModuleNotFoundError: No module named 'Interlace'

[+] Started to Gather JSFiles locally for Manual Testing

Traceback (most recent call last):
File "/usr/bin/interlace", line 33, in
sys.exit(load_entry_point('Interlace==1.9.5', 'console_scripts', 'interlace')())
File "/usr/bin/interlace", line 25, in importlib_load_entry_point
return next(matches).load()
File "/usr/lib/python3.8/importlib/metadata.py", line 77, in load
module = import_module(match.group('module'))
File "/usr/lib/python3.8/importlib/init.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "", line 1014, in _gcd_import
File "", line 991, in _find_and_load
File "", line 961, in _find_and_load_unlocked
File "", line 219, in _call_with_frames_removed
File "", line 1014, in _gcd_import
File "", line 991, in _find_and_load
File "", line 973, in _find_and_load_unlocked
ModuleNotFoundError: No module named 'Interlace'

[+] Manually Search For Secrets Using gf or grep in out/

[+] Started Gathering Words From JsFiles-links For Wordlist.

./JSFScan.sh: linha 25: httpx: command not found.

https://github.com/KathanP19/JSFScan.sh#building-the-docker-container

$ git clone https://github.com/KathanP19/JSFScan.sh
$ cd JSFScan/  <---  JSFScan.js
$ docker build . -t jsfscan

I made this: #28

Hello ,
please update your shell file ( install.sh ) because new versions of golang doesn't work with "go get ...." commands and need instead some thing like " go install ......@latest "

thank's a lot for your help

root@latestkali:~/tools/JSFScan.sh# ./JSFScan.sh -f /root/sites/js.txt --all

(/ _____(/ ) | |
_ ( ( _____ ( (___ ____ _____ ____ | |
_ | | ___ | ) _ \ / (_ | _ \ /| _ \
| || | _____) | | __) ( (/ ___ | | | ||__ | | | |
_/ (/|| (/ __|| |((/|| ||

[+] Filtering JsFiles-links

[+] Started gathering Endpoints

Traceback (most recent call last):
File "/usr/bin/interlace", line 33, in
sys.exit(load_entry_point('Interlace==1.9.5', 'console_scripts', 'interlace')())
File "/usr/bin/interlace", line 25, in importlib_load_entry_point
return next(matches).load()
File "/usr/lib/python3.8/importlib/metadata.py", line 77, in load
module = import_module(match.group('module'))
File "/usr/lib/python3.8/importlib/init.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "", line 1014, in _gcd_import
File "", line 991, in _find_and_load
File "", line 961, in _find_and_load_unlocked
File "", line 219, in _call_with_frames_removed
File "", line 1014, in _gcd_import
File "", line 991, in _find_and_load
File "", line 973, in _find_and_load_unlocked
ModuleNotFoundError: No module named 'Interlace'

[+] Started Finding Secrets in JSFiles

Traceback (most recent call last):
File "/usr/bin/interlace", line 33, in
sys.exit(load_entry_point('Interlace==1.9.5', 'console_scripts', 'interlace')())
File "/usr/bin/interlace", line 25, in importlib_load_entry_point
return next(matches).load()
File "/usr/lib/python3.8/importlib/metadata.py", line 77, in load
module = import_module(match.group('module'))
File "/usr/lib/python3.8/importlib/init.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "", line 1014, in _gcd_import
File "", line 991, in _find_and_load
File "", line 961, in _find_and_load_unlocked
File "", line 219, in _call_with_frames_removed
File "", line 1014, in _gcd_import
File "", line 991, in _find_and_load
File "", line 973, in _find_and_load_unlocked
ModuleNotFoundError: No module named 'Interlace'

[+] Started to Gather JSFiles locally for Manual Testing

Traceback (most recent call last):
File "/usr/bin/interlace", line 33, in
sys.exit(load_entry_point('Interlace==1.9.5', 'console_scripts', 'interlace')())
File "/usr/bin/interlace", line 25, in importlib_load_entry_point
return next(matches).load()
File "/usr/lib/python3.8/importlib/metadata.py", line 77, in load
module = import_module(match.group('module'))
File "/usr/lib/python3.8/importlib/init.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "", line 1014, in _gcd_import
File "", line 991, in _find_and_load
File "", line 961, in _find_and_load_unlocked
File "", line 219, in _call_with_frames_removed
File "", line 1014, in _gcd_import
File "", line 991, in _find_and_load
File "", line 973, in _find_and_load_unlocked
ModuleNotFoundError: No module named 'Interlace'

[+] Manually Search For Secrets Using gf or grep in out/

[+] Started Gathering Words From JsFiles-links For Wordlist.

/usr/local/lib/python3.8/dist-packages/requests/packages/urllib3/connectionpool.py:764: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.org/en/latest/security.html
warnings.warn((

updating: ['11046']
updating: ['97']
Traceback (most recent call last):
File "/usr/local/bin/interlace", line 11, in
load_entry_point('Interlace==1.9.5', 'console_scripts', 'interlace')()
File "/usr/local/lib/python3.8/dist-packages/Interlace-1.9.5-py3.8.egg/Interlace/interlace.py", line 36, in main
File "/usr/local/lib/python3.8/dist-packages/Interlace-1.9.5-py3.8.egg/Interlace/lib/threader.py", line 101, in init
File "/usr/local/lib/python3.8/dist-packages/Interlace-1.9.5-py3.8.egg/Interlace/interlace.py", line 11, in task_queue_generator_func
File "/usr/local/lib/python3.8/dist-packages/Interlace-1.9.5-py3.8.egg/Interlace/lib/core/input.py", line 258, in process_data_for_tasks_iterator
File "/usr/local/lib/python3.8/dist-packages/Interlace-1.9.5-py3.8.egg/Interlace/lib/core/input.py", line 218, in _process_targets
File "/usr/local/lib/python3.8/dist-packages/Interlace-1.9.5-py3.8.egg/Interlace/lib/core/input.py", line 195, in parse_and_group_target_specs
IndexError: string index out of range

https://github.com/securing/DumpsterDiver

Add this For Finding aws azure and shh and also hardcoded passwords

screenshot is attached
https://prnt.sc/1di7kiy

Command i Used
./JSFScan.sh -l target.txt -all -r -o target

target.txt contains https://target.com

Hi
I've noticed, that JS urls with & in the url, can break out the JSLinkfinder.py script,
This is because the interlace command is like so

 interlace -tL live_jsfile_links.txt -threads 5 -c "echo 'Scanning _target_ Now' ; python3 ./tools/LinkFinder/linkfinder.py -d -i _target_ -o cli >> endpoints.txt

Where the & would break-out of interlacce, and run &endofurl.js -o cli
To which the error is:
/bin/sh -o command not found.

https://github.com/IAmStoxe/urlgrab

Since the target is being passed in bash script as cat $target, if files have space in their path, it creates an error, as it'll interpret the space as the separation between two file paths and will try to open both files.

Steps to reproduce:

1. Run ./JSFScan.sh -l /path/to/File\ that/has/space --all.

Suggested fix:
Use "<parameter>" format in the script.
cat "$target" or cat "${target}" won't result in such problem.

Hello i trying this amazing script but after hours i get this error.

Any way to run the script correctly?

[+] Started Gathering JsFiles-links

[+] Started gathering Endpoints

=====================================================
Interlace v1.8.2 by Michael Skelton (@codingo_)
& Sajeeb Lohani (@sml555_)

Traceback (most recent call last):
File "/usr/local/bin/interlace", line 11, in
load_entry_point('Interlace==1.8.2', 'console_scripts', 'interlace')()
File "/usr/local/lib/python3.8/dist-packages/Interlace-1.8.2-py3.8.egg/Interlace/interlace.py", line 32, in main
File "/usr/local/lib/python3.8/dist-packages/Interlace-1.8.2-py3.8.egg/Interlace/interlace.py", line 11, in build_queue
File "/usr/local/lib/python3.8/dist-packages/Interlace-1.8.2-py3.8.egg/Interlace/lib/core/input.py", line 255, in process_commands
File "/usr/lib/python3.8/genericpath.py", line 19, in exists
os.stat(path)
TypeError: stat: path should be string, bytes, os.PathLike or integer, not _io.TextIOWrapper

You should add a flag to provide a cookie or header to try and crawl the site to see if you can get other js files.

hey bro,
is it possible that in case of making wordlist with JSFscan to make a easy sorted list remove lines containing text with length more then 15 0r 20 because i see alot of random hash values in wordlist.

i found errors

JSFScan.sh: line 21: gau: command not found
JSFScan.sh: line 22: subjs: command not found
JSFScan.sh: line 25: httpx: command not found
JSFScan.sh: line 37: interlace: command not found
JSFScan.sh: line 43: interlace: command not found
JSFScan.sh: line 50: interlace: command not found

mv: cannot stat 'endpoints.txt': No such file or directory
mv: cannot stat 'jslinksecret.txt': No such file or directory
mv: cannot stat 'jswordlist.txt': No such file or directory
mv: cannot stat 'js_var.txt': No such file or directory
mv: cannot stat 'domxss_scan.txt': No such file or directory

ERROR
JSFScan.sh: line 22: subjs: command not found
PLEASE SOLVE IT

Mitigation:
change

./tools/..
to
~/tools/..

thank you

JSFScan.sh/./tools/jsbeautify.py': [Errno 2] No such file or directory

hy bro add gwen githubsecret and github endpoint script

Please can you add xnlinkfinder by @xnl-h4ck3r

Can you add gf-secrets to the functionalities of the tool?

https://github.com/dwisiswant0/gf-secrets

There is a problem with the awk is done for js files like these:

https://x.cospace.app/m/services_v0.js\?v\=1.0.1

Try this : filename=$(echo 'https://x.cospace.app/m/services_v0.js\?v\=1.0.1' | awk -F/ '{print $(NF-0)}');echo $filename

It will now output anything.

Hey man , I tried to install with install.sh , and it did install but when I run the command , it throws some error and just show the .js files in the site , that's it.
Can you recheck your script and update it if needed ?

Add -follow-redirects flag to httpx because if there is redirection the status code is 301 and the tool fails to find live js files

I'm following the procedure and my scans keep failing with "No target provided, or empty target list" error.

Repro steps (on kali linux):

git clone clone https://github.com/KathanP19/JSFScan.sh.git
cd JSFScan.sh
sudo chmod +x install.sh
sh ./install.sh
echo "https://mydomain.com" > target.txt
bash JSFScan.sh -l target.txt --all -r -o mydomain

This is the stack:

(_______/ _____(_______/ _____)                        | |
     _ ( (____  _____ ( (____   ____ _____ ____     ___| |__
 _  | | \____ \|  ___) \____ \ / ___(____ |  _ \   /___|  _ \
| |_| | _____) | |     _____) ( (___/ ___ | | | |_|___ | | | |
 \___/ (______/|_|    (______/ \____\_____|_| |_(_(___/|_| |_|


[+] Started Gathering JsFiles-links

JSFScan.sh: line 21: gau: command not found
JSFScan.sh: line 22: subjs: command not found

[+] Checking for live JsFiles-links

JSFScan.sh: line 25: httpx: command not found

[+] Started gathering Endpoints

=====================================================
Interlace v1.9.5        by Michael Skelton (@codingo_)
                        & Sajeeb Lohani (@sml555_)
=====================================================
Traceback (most recent call last):
  File "/usr/local/bin/interlace", line 33, in <module>
    sys.exit(load_entry_point('Interlace==1.9.5', 'console_scripts', 'interlace')())
  File "/usr/local/lib/python3.9/dist-packages/Interlace-1.9.5-py3.9.egg/Interlace/interlace.py", line 36, in main
  File "/usr/local/lib/python3.9/dist-packages/Interlace-1.9.5-py3.9.egg/Interlace/lib/threader.py", line 101, in __init__
  File "/usr/local/lib/python3.9/dist-packages/Interlace-1.9.5-py3.9.egg/Interlace/interlace.py", line 11, in task_queue_generator_func
  File "/usr/local/lib/python3.9/dist-packages/Interlace-1.9.5-py3.9.egg/Interlace/lib/core/input.py", line 264, in process_data_for_tasks_iterator
Exception: No target provided, or empty target list

[+] Started Finding Secrets in JSFiles

=====================================================
Interlace v1.9.5        by Michael Skelton (@codingo_)
                        & Sajeeb Lohani (@sml555_)
=====================================================
Traceback (most recent call last):
  File "/usr/local/bin/interlace", line 33, in <module>
    sys.exit(load_entry_point('Interlace==1.9.5', 'console_scripts', 'interlace')())
  File "/usr/local/lib/python3.9/dist-packages/Interlace-1.9.5-py3.9.egg/Interlace/interlace.py", line 36, in main
  File "/usr/local/lib/python3.9/dist-packages/Interlace-1.9.5-py3.9.egg/Interlace/lib/threader.py", line 101, in __init__
  File "/usr/local/lib/python3.9/dist-packages/Interlace-1.9.5-py3.9.egg/Interlace/interlace.py", line 11, in task_queue_generator_func
  File "/usr/local/lib/python3.9/dist-packages/Interlace-1.9.5-py3.9.egg/Interlace/lib/core/input.py", line 264, in process_data_for_tasks_iterator
Exception: No target provided, or empty target list

[+] Started to Gather JSFiles locally for Manual Testing

=====================================================
Interlace v1.9.5        by Michael Skelton (@codingo_)
                        & Sajeeb Lohani (@sml555_)
=====================================================
Traceback (most recent call last):
  File "/usr/local/bin/interlace", line 33, in <module>
    sys.exit(load_entry_point('Interlace==1.9.5', 'console_scripts', 'interlace')())
  File "/usr/local/lib/python3.9/dist-packages/Interlace-1.9.5-py3.9.egg/Interlace/interlace.py", line 36, in main
  File "/usr/local/lib/python3.9/dist-packages/Interlace-1.9.5-py3.9.egg/Interlace/lib/threader.py", line 101, in __init__
  File "/usr/local/lib/python3.9/dist-packages/Interlace-1.9.5-py3.9.egg/Interlace/interlace.py", line 11, in task_queue_generator_func
  File "/usr/local/lib/python3.9/dist-packages/Interlace-1.9.5-py3.9.egg/Interlace/lib/core/input.py", line 264, in process_data_for_tasks_iterator
Exception: No target provided, or empty target list

[+] Manually Search For Secrets Using gf or grep in out/


[+] Started Gathering Words From JsFiles-links For Wordlist.


[+] Started Finding Varibles in JSFiles For Possible XSS


[+] Scanning JSFiles For Possible DomXSS

=====================================================
Interlace v1.9.5        by Michael Skelton (@codingo_)
                        & Sajeeb Lohani (@sml555_)
=====================================================
Traceback (most recent call last):
  File "/usr/local/bin/interlace", line 33, in <module>
    sys.exit(load_entry_point('Interlace==1.9.5', 'console_scripts', 'interlace')())
  File "/usr/local/lib/python3.9/dist-packages/Interlace-1.9.5-py3.9.egg/Interlace/interlace.py", line 36, in main
  File "/usr/local/lib/python3.9/dist-packages/Interlace-1.9.5-py3.9.egg/Interlace/lib/threader.py", line 101, in __init__
  File "/usr/local/lib/python3.9/dist-packages/Interlace-1.9.5-py3.9.egg/Interlace/interlace.py", line 11, in task_queue_generator_func
  File "/usr/local/lib/python3.9/dist-packages/Interlace-1.9.5-py3.9.egg/Interlace/lib/core/input.py", line 264, in process_data_for_tasks_iterator
Exception: No target provided, or empty target list

[+] Generating Report!

Any idea on the issue ?