Created
December 13, 2019 14:50
-
-
Save kecs/4e8985baaefaaa901dba244cf66a080d to your computer and use it in GitHub Desktop.
Discover web content from js console
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function fuzz(){ | |
| // Replace with any online newline separated word list | |
| var WORDLIST_URL = "https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/Web-Content/common.txt"; | |
| var WORDLIST = []; | |
| var xhttp = new XMLHttpRequest(); | |
| // Fetch wordlist | |
| xhttp.open("GET", WORDLIST_URL, false); | |
| xhttp.onreadystatechange = function() { | |
| if (this.readyState == 4 && this.status == 200) { | |
| WORDLIST = this.responseText.split('\n'); | |
| } | |
| }; | |
| xhttp.send(); | |
| // Print all 200 URIs | |
| setTimeout(function(){ | |
| for(var i = 0; i < WORDLIST.length; i++){ | |
| var URI = location.href + WORDLIST[i]; | |
| xhttp.onreadystatechange = function() { | |
| if (this.readyState == 4 && this.status == 200) { | |
| console.log(URI); | |
| } | |
| }; | |
| xhttp.open("GET", URI, false); | |
| xhttp.send(); | |
| } | |
| }, 3000); | |
| } | |
| fuzz() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment