Analyze JavaScript Code

Identify vulnerabilities, collect useful data, and prepare JavaScript code for manual review
INPUTS
urlsheaderin-scopeout-of-scope
OUTPUTS
endpointscodepath-wordlistparameter-wordlistfindings
mhmdiaa-trickest
2024-11-07

Scan for Misconfigured Software

Scan for web misconfigurations that can expose sensitive functionality
INPUTS
urlsheaderrate-limitheader-file
OUTPUTS
findings
mhmdiaa-trickest
2024-08-12

Scan for Outdated Software

Scan for outdated software with known publicly exploitable vulnerabilities from the CVE and CNVD databases
INPUTS
urlsheaderrate-limitheader-file
OUTPUTS
findings
mhmdiaa-trickest
2024-08-12

Scan for Sensitive Files

Scan for exposed sensitive files that may leak sensitive information
INPUTS
urlsheaderrate-limitheader-file
OUTPUTS
findings
mhmdiaa-trickest
2024-08-12

Scan for Exposed Admin Panels

Scan for web administrative panels that may provide an entry point to an asset, and check them for default credentials
INPUTS
urlsheaderrate-limitheader-file
OUTPUTS
findings
mhmdiaa-trickest
2024-08-12

Scan for Exposed Backups

Scan for exposed backup files that may leak sensitive information
INPUTS
urlsheaderrate-limitheader-file
OUTPUTS
findings
mhmdiaa-trickest
2024-08-12

Scan for Exposed Secrets

Scan HTTP responses for exposed tokens, credentials, and other sensitive information
INPUTS
urlsheaderrate-limitheader-file
OUTPUTS
findings
mhmdiaa-trickest
2024-08-12

Scan for Technology-Specific Vulnerabilities

Scan the identified technologies on your attack surface using tailored checks and methodologies for each
INPUTS
headerheader-fileweb-technologies
OUTPUTS
findingsweb-technologies
mhmdiaa-trickest
2024-08-12

Fuzz Web Applications for Vulnerabilities

Scan for vulnerabilities in web applications actively by crawling the app and fuzzing inputs
INPUTS
urlsheaderin-scoperate-limitheader-file+2
OUTPUTS
findingssitemap
mhmdiaa-trickest
2024-08-12

Scan Network Services for Misconfigurations

Scan for network service misconfigurations that range from disclosing information and exposing sensitive functionality to enabling complete
INPUTS
rate-limitport-details
OUTPUTS
findings
mhmdiaa-trickest
2024-08-12

Scan Network Services for Weak Credentials

Scan the identified network services on your attack surface for weak credentials
INPUTS
rate-limitftp-password-wordlistftp-username-wordlistssh-password-wordlistssh-username-wordlist+7
OUTPUTS
findings
mhmdiaa-trickest
2024-08-12