forked from KingOfBugbounty/Bug-Bounty-Toolz
-
Notifications
You must be signed in to change notification settings - Fork 0
/
jefst.py
58 lines (50 loc) · 1.33 KB
/
jefst.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
# github.com/m4ll0k (@m4ll0k2)
# Bug Bounty Toolz - jefst.py
# jefst.py - json extractor from script tag
import sys
import lxml.html as html
import requests
import json
import urllib.parse as parse
def getContent(domain):
try:
req = requests.get(
'{domain}'.format(
domain = domain
)
)
return req
except Exception as _except:
print('[ + ] %s'%str(_except))
def __usage__(_=True):
print('\nUsage:\n')
print('\tpython3 %s <http://www.example.com;https://www.example2.com>'%(sys.argv[0]))
print('\tcat sites.txt | python3 %s'%sys.argv[0])
if _:
sys.exit(0)
def __main__(site):
parse_ = parse.urlparse(site)
if parse_.scheme == '':
# print('[ ! ] Missing scheme or not supported for %s! Skip target..'%(site))
return
# print('[ + ] '+site)
content = getContent(site)
from_str = html.fromstring(content.content)
xpath = from_str.xpath('//script[@type="application/json"]/text()')
for i in range(len(xpath)):
i = json.dumps(json.loads(str(xpath[i]).encode('utf-8')))
print(i)
stdin = False
if __name__ == "__main__":
if len(sys.argv) > 1 and len(sys.argv) < 3:
for keyword in sys.argv[1].split(';'):
__main__(keyword)
else:
for line in sys.stdin.readlines():
stdin = True
line = line.strip()
if line == '\n':
__usage__()
__main__(line)
if len(sys.argv) == 1 and stdin is False:
__usage__()