-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbeagle.js
66 lines (61 loc) · 2.3 KB
/
beagle.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
const Beagle = {
findLinks: function () {
console.log("Find links: ");
let results = [];
document.querySelectorAll('a').forEach((url) => {
const externalLink = url.host !== window.location.host;
if (url.href && url.href.includes('://')) {
results.push({
Url: url.href,
'Anchor Text': url.textContent,
External: externalLink ? 'TRUE' : 'FALSE',
});
}
});
console.table(results);
},
findInjectionPoints() {
console.log("Find injection points: ");
let inputs = document.querySelectorAll('input,textarea,select');
let forms = document.querySelectorAll('form');
let links = document.querySelectorAll('a[href]');
let scripts = document.querySelectorAll('script');
let table = [];
let headers = ["Element", "Name/ID", "Type/Method", "Value/URL"];
table.push(headers);
for (let input of inputs) {
table.push([input.tagName, input.name || input.id || '-', input.type || '-', input.value || '-']);
}
for (let form of forms) {
table.push(["FORM", form.name || form.id || '-', form.method || '-', form.action || '-']);
}
for (let link of links) {
table.push(["A", link.textContent.trim() || '-', '-', link.href || '-']);
}
console.table(table);
},
extractEmails() {
console.log("Extract emails: ");
const bodyText = document.body.innerText;
const emailRegex = /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b/g;
const emails = bodyText.match(emailRegex) || [];
const uniqueEmails = [...new Set(emails)];
console.table(uniqueEmails);
},
findHtmlComments() {
console.log("Find comments: ");
const comments = [];
const nodeIterator = document.createNodeIterator(document.documentElement, NodeFilter.SHOW_COMMENT);
let curNode;
while (curNode = nodeIterator.nextNode()) {
comments.push(curNode.nodeValue);
}
console.table(comments);
},
startAll() {
this.findLinks();
this.findInjectionPoints();
this.extractEmails();
this.findHtmlComments();
}
}