Skip to content
/ magescope Public

A CLI tool for inventorying and evaluating JavaScript resources present on a URL.

License

GPL-3.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

phefley/magescope

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
lib
lib
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
magescope.py
magescope.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

magescope

A CLI tool for inventorying and evaluating JavaScript resources present on a URL.

Why is this important?

If you're trying to understand what resources a page loads, especially those loaded from other domains, you can look at the HTML, but that's only the tip of the iceberg. Additional JavaScript resources may be susequently loaded in to the DOM by the first stage scripts.

This tool helps model that by driving Selenium to obtain the page, model the DOM, look for loaded JavaScript resources, and present them.

Why a CLI version?

I use this tool for my research (BSides DFW 2019) to demonstrate the prevalance of subsequent JavaScript resource loads. You can use my Burp extension (https://github.com/phefley/burp-javascript-security-extension) if that's easier for you - but some folks just need a quick check.

Getting started with Docker

Build the docker magescope image

docker build --tag magescope:v1 -f Dockerfile .

Use the docker magescope image

docker container run --rm magescope:v1 --target https://www.someurlofinterest.com/path/

About

A CLI tool for inventorying and evaluating JavaScript resources present on a URL.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages