Advanced JavaScript monitoring for bug bounty hunters
Project description
๐ต๏ธ JSMon - Advanced JavaScript Monitoring for Bug Bounty
Discover hidden attack surface by monitoring JavaScript changes with AI-powered analysis
Features โข Installation โข Quick Start โข Documentation โข Contributing
๐ฏ What is JSMon?
JSMon is a cutting-edge JavaScript monitoring tool designed for bug bounty hunters and security researchers. It automatically discovers new functionality, API endpoints, and potential vulnerabilities by analyzing JavaScript changes across web applications.
๐ Why JSMon?
Modern web applications deploy new features through JavaScript updates. JSMon helps you:
- ๐ Discover lazy-loaded chunks, Service Workers, and dynamic imports
- ๐ค Analyze diffs with AI (Gemini/Groq) to identify new attack surface
- ๐ฏ Filter noise with smart trivia detection (90%+ FP reduction)
- ๐ Report findings in beautiful HTML dashboards with dark mode
- โก Monitor continuously with authenticated session support
โจ Features
๐จ Discovery Engine
- โ
Lazy-Loaded JavaScript - Detects
import()dynamic chunks - โ Service Workers - Finds PWA background scripts
- โ Web Workers - Discovers worker threads
- โ GraphQL Operations - Extracts mutations/queries with filtering
- โ Inline Scripts - Analyzes embedded JavaScript
- โ Sourcemaps - Unpacks minified code when available
๐ค AI-Powered Analysis
- Gemini 1.5 Flash - 1M token context, discovery-focused prompts
- Groq - Ultra-fast LLM for diff analysis
- Trivia Filtering - Skips vendor bundles, polyfills, localization (75% noise reduction)
- Semantic Diff - Identifies new endpoints, parameters, feature flags
๐ Security & Stealth
- Authenticated Scanning - Session cookies, localStorage, bearer tokens
- WAF Bypass - Smart headers, human-like timing, retry logic
- Hybrid Fetching - aiohttp + Playwright for bot detection bypass
- Session Encryption - Fernet-encrypted session storage
๐ Reporting
- FAANG-Level HTML Reports - Dark mode, search, copy URL, JSON export
- Alpine.js UI - Reactive interface without heavy frameworks
- Screenshot Capture - Visual proof of endpoint discovery
- Notifications - Discord/Telegram/Email alerts (configurable)
๐ก๏ธ Enterprise-Grade
- Redis Storage - Distributed deduplication and caching
- Async Architecture - Handle 1000s of concurrent requests
- Circuit Breakers - Fault tolerance and graceful degradation
- Progress Tracking - tqdm integration for real-time feedback
๐ฆ Installation
Prerequisites
- Python 3.8+
- Redis Server
- Playwright browsers (auto-installed)
Option 1: From PyPI (Recommended)
pip install jsmon
playwright install chromium
Option 2: From Source
git clone https://github.com/h3llwish/jsmon.git
cd jsmon
pip install -e .
playwright install chromium
Option 3: Docker
docker pull h3llwish/jsmon:latest
docker run -v $(pwd)/targets.txt:/app/targets.txt jsmon
๐ Quick Start
Basic Usage
# Monitor single target
jsmon -u https://example.com
# Monitor from file
jsmon -i targets.txt
# With AI analysis (Gemini)
jsmon -i targets.txt --ai-provider gemini --ai-api-key YOUR_KEY
# Continuous monitoring
jsmon -i targets.txt --loop --interval 300
Advanced Usage
# Authenticated scanning
jsmon -i targets.txt \
--enable-auth-mode \
--session-file sessions.json
# Custom configuration
jsmon -i targets.txt \
--threads 20 \
--max-browser-concurrency 3 \
--ai-provider groq \
--ai-model llama3-70b-8192 \
--notify-provider-config discord_webhook.json
# Debug mode
jsmon -i targets.txt --debug --log-diffs diffs.txt
๐ Documentation
Configuration
Environment Variables
export SESSION_ENCRYPTION_KEY="your-32-byte-fernet-key"
export REDIS_HOST="localhost"
export REDIS_PORT=6379
Session Management
# Import session from browser
python -m jsmon.utils.import_sessions \
--domain example.com \
--cookies cookies.json \
--localstorage localstorage.json \
--bearer-token "eyJhbGc..."
AI Provider Setup
Gemini (Free Tier)
# Get API key: https://makersuite.google.com/app/apikey
jsmon -i targets.txt \
--ai-provider gemini \
--ai-api-key "AIza..."
Groq (Fast)
# Get API key: https://console.groq.com
jsmon -i targets.txt \
--ai-provider groq \
--ai-api-key "gsk_..."
CLI Options
| Option | Description | Default |
|---|---|---|
-i, --input |
File with target URLs | Required |
-u, --url |
Single target URL | - |
--threads |
Worker threads | 10 |
--max-browser-concurrency |
Parallel browsers | 2 |
--ai-provider |
AI provider (gemini/groq) | - |
--ai-api-key |
AI API key | - |
--ai-model |
Specific model | Auto |
--loop |
Continuous monitoring | False |
--interval |
Loop interval (seconds) | 3600 |
--debug |
Debug logging + AI analysis log | False |
--log-diffs |
Save diffs to file | - |
--redis-host |
Redis hostname | localhost |
--redis-port |
Redis port | 6379 |
Debug Mode & AI Analysis Logging
When running with --debug, JSMon creates ai_analysis_debug.log with detailed information for tuning and troubleshooting:
jsmon -i targets.txt --ai-provider gemini --ai-api-key YOUR_KEY --debug
The debug log includes:
1. Trivia Filter Decisions
[2025-12-11 15:30:00] TRIVIA FILTER ANALYSIS
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
JS URL: https://example.com/app.js
Diff Size: 1234 chars
CHECKS PERFORMED:
โข webpack_hash: โ
OK
โข token_change: โ
OK
โข comments_only: โ
OK
SCORES:
โข Trivia Score: 0.15 (threshold: 0.75)
โข Has API Indicators: โ NO
DECISION: ๐ ANALYZE WITH AI
REASON: significant_change
โโโโโโโโโโโโโโโโโโ DIFF CONTENT โโโโโโโโโโโโโโโโโโ
+function _0x3f2a() { return fetch("/api/v2/admin/users") }
-function _0x3f2a() { return fetch("/api/v1/users") }
โโโโโโโโโโโโโโโโโโ END DIFF โโโโโโโโโโโโโโโโโโ
2. AI Analysis Request/Response
- Full diff sent to Gemini
- Raw AI response (before JSON parsing)
- Parsed changes with severity levels
3. Alert Decisions
- Which alerts were sent
- Which were skipped as duplicates
This log helps you:
- Understand why trivia filter passed/blocked a diff
- See exactly what Gemini received and responded
- Tune the system for fewer false positives/negatives
๐จ Example Output
Terminal
[+] Connected to Redis for state tracking.
[๐ช] Found 3 stored sessions:
โ
example.com (30.2 days left)
โ ๏ธ test.com (2.1 days left)
--- Starting scan cycle 1 with 5 base URLs ---
--- Phase 1: Crawling for JS files ---
Crawling URLs: 100%|โโโโโโโโ| 5/5 [00:12<00:00]
[+] Discovery phase complete. Found 127 JS sources.
--- Phase 2: Analyzing 127 JS sources ---
Analyzing JS: 100%|โโโโโโโโ| 127/127 [01:23<00:00]
[+] CHANGE DETECTED for: https://example.com/static/app.bundle.js
[AI DISCOVERY] Admin User Deletion API Found
Endpoint: DELETE /api/v2/admin/users/delete
Parameters: userId, reason
Confidence: 95%
[+] Analysis phase complete.
๐ New endpoints: 23 | API keys: 2
HTML Report
Features: Dark mode, search, copy URL, JSON export, status filtering
๐ How It Works
graph LR
A[Target URLs] --> B[Crawler]
B --> C[JS Discovery]
C --> D{Source Type}
D -->|External| E[fetch file]
D -->|Lazy-loaded| F[import detect]
D -->|Service Worker| G[SW register]
E --> H[Diff Detection]
F --> H
G --> H
H -->|Changed| I[Trivia Filter]
I -->|Significant| J[AI Analysis]
J --> K[Endpoint Extraction]
K --> L[HTML Report]
- Crawl - Fetch HTML + extract all JS sources
- Discover - Find lazy chunks, Service Workers, dynamic imports
- Diff - Compare with previous version (Redis cache)
- Filter - Skip vendor bundles, polyfills, formatting changes
- Analyze - AI identifies new endpoints/features
- Report - Generate beautiful HTML + send alerts
๐ Comparison
| Feature | JSMon | Linkfinder | JSFScan | Subdomainizer |
|---|---|---|---|---|
| Lazy-loaded JS | โ | โ | โ | โ |
| Service Workers | โ | โ | โ | โ |
| GraphQL Support | โ | โ | โ | โ |
| AI Analysis | โ | โ | โ | โ |
| Trivia Filtering | โ | โ | โ ๏ธ | โ |
| Continuous Monitoring | โ | โ | โ | โ |
| Authenticated Scans | โ | โ | โ | โ |
| HTML Reports | โ | โ | โ | โ |
๐ค Contributing
We welcome contributions! See CONTRIBUTING.md for guidelines.
Development Setup
git clone https://github.com/h3llwish/jsmon.git
cd jsmon
pip install -e ".[dev]"
pre-commit install
Running Tests
pytest tests/
black jsmon/
mypy jsmon/
๐ License
This project is licensed under the MIT License - see LICENSE file.
๐ Acknowledgments
- Linkfinder - Inspiration for endpoint extraction
- Nuclei - Template-based scanning approach
- Amass - Architecture patterns
๐ฌ Contact
- Twitter: @h3llwish
- Email: sosibonka3@gmail.com
โญ Star History
Made with โค๏ธ for the bug bounty community
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
jsmon-1.0.5.tar.gz
(76.2 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
jsmon-1.0.5-py3-none-any.whl
(77.3 kB
view details)
File details
Details for the file jsmon-1.0.5.tar.gz.
File metadata
- Download URL: jsmon-1.0.5.tar.gz
- Upload date:
- Size: 76.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
a3dc89204ea05adcb18dbfd8db1c81a91ac7ab48a8bad0ccd4b9df9fe1112941
|
|
| MD5 |
052eea0a79521285434de0b67d4a5835
|
|
| BLAKE2b-256 |
445c6b84e520bfcfdc0178eb23649b1dbee150ffa0b2d717f8eb674ccbd37db2
|
File details
Details for the file jsmon-1.0.5-py3-none-any.whl.
File metadata
- Download URL: jsmon-1.0.5-py3-none-any.whl
- Upload date:
- Size: 77.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
904744c8ae2b9a0e5d75ab780e4328d2fb86e76c782d1f4de832c1c5b4a5161f
|
|
| MD5 |
5dc1687a2f567df51acaeaa988b26a6f
|
|
| BLAKE2b-256 |
987c1601a37b1198dabda3d50186a73082244577b4b588f67be59c8fe58707e0
|
