Mastering JavaScript Recon
Description
This is a simple guide to performing JavaScript recon in bug bounty.
Steps
The first step is to collect as many JavaScript files as possible (more files = more paths and parameters -> more vulns).
How you get more JS files depends a lot on the target (I'm one who focuses a lot on large targets), and it also depends a lot on the tools that you use. I use a lot of my personal tools for this:
Tools:
gau — https://github.com/lc/gau
linkfinder — https://github.com/GerbenJavado/LinkFinder
getSrc — https://github.com/m4ll0k/Bug-Bounty-Toolz/blob/master/getsrc.py
SecretFinder — https://github.com/m4ll0k/SecretFinder
antiburl — https://github.com/tomnomnom/hacks/tree/master/anti-burl
antiburl.py — https://github.com/m4ll0k/Bug-Bounty-Toolz/blob/master/antiburl.py
ffuf — https://github.com/ffuf/ffuf
allJsToJson.py (private tool)
getJswords.py — https://github.com/m4ll0k/Bug-Bounty-Toolz/blob/master/getjswords.py