Private List First

JS Recon Automation Kit

HAR-driven JS extraction, endpoint discovery, SecretFinder/LinkFinder output, and manual review support. The full workflow I use when hunting JS-heavy targets. Drops to the private list before anywhere else.

HAR file parsing JS beautification Endpoint discovery Key/secret triage LinkFinder + SecretFinder Organized output

Other scripts

har_recon.py

Extract JS from a HAR file, beautify it, run LinkFinder, SecretFinder, and gf pattern checks, then organize the output for manual review.

test_all_keys.sh

Quick triage script for testing possible exposed keys before wasting time manually validating noise. Saves hours when hunting JS-heavy targets.

Surface Recon Script

Planned workflow for gau, waybackurls, katana, httpx, and attack surface mapping. Produces a sorted, deduplicated list of interesting endpoints.

Coming soon

Get the JS Recon Kit.

Drops to the private list first. Join to be first in line.

No spam. Unsubscribe any time.