Burpsuite Extension

Jsmon Burp Suite Extension Guide: Integrated JS Reconnaissance

The Jsmon Burp Suite Extension integrates Jsmon's automated JavaScript analysis into your existing penetration testing workflow. It operates passively: it watches the traffic passing through the Burp Proxy, identifies in-scope JavaScript files, and submits their URLs to your Jsmon workspace for deep analysis (secrets, exposed API paths, domain assets, etc.).

1. Installation

The Jsmon extension is loaded through Burp Suite's Extender tab (named Extensions in current Burp releases).

Prerequisites

  • Burp Suite Professional (Recommended for seamless integration).

  • A Jsmon Account at https://jsmon.sh (to obtain your API Key and Workspace ID).

  • Jython is only needed by Python-based Burp extensions. If the release you download is a .jar (as described below), it loads as a Java extension and no Jython setup is required.

  • The extension file (.jar ) downloaded from the official GitHub repository: https://github.com/rashahacks/jsmon-burpsuite-extension.

  1. Open Burp Extender: Launch Burp Suite and navigate to the Extender tab (Extensions in recent versions).

  2. Add the Extension: Click the Extensions sub-tab (Installed in recent versions), then click the Add button.

  3. Specify Type: Set the extension type to Java, since the extension is distributed as a .jar file.

  4. Select File: Click the Select file... button and choose the downloaded Jsmon extension .jar file.

  5. Check Output: Once loaded, check the extension's Output tab (and its Errors tab) to confirm it loaded without errors.

2. Configuration and Authentication

The extension needs to be linked to your personal Jsmon account via your API Key and a specific Workspace ID. The API Key authenticates every submission made on your behalf, so treat it as a credential: do not share it, and do not commit Burp configuration files that contain it.

Step 1: Obtain Credentials

  1. Log into the Jsmon web application at https://jsmon.sh.

  2. Navigate to the JSMON API section to find and copy your personal API Key.

  3. Note the Workspace ID of the workspace you want to receive the scan data.

Step 2: Configure in Burp

  1. Look for a new dedicated Jsmon tab or locate the extension's settings within the Extender tab's Options pane.

  2. Input Credentials: Enter the following values into the corresponding fields:

    • Jsmon API Key

    • Workspace ID

  3. Save/Initialize: Click the Save or Initialize button (if available) to connect the extension to the Jsmon API.

3. Core Usage and Features

Once configured, the extension passively begins monitoring your Burp Proxy traffic.

Passive JS Reconnaissance

The extension's value is the automation, which builds on Burp's own features:

  1. Target Scope Integration: The extension respects Burp Suite's Target Scope. It only processes and forwards JavaScript URLs whose host falls within the domains defined in your Target Scope. Define the scope before you start browsing: with an empty scope nothing is submitted, and a scope that is too broad sends third-party and out-of-scope URLs to the Jsmon service.

  2. Proxy Monitoring: As you browse the target application through the Burp Proxy, the extension passively inspects each request and response. It does not hold traffic the way the Intercept tab does.

  3. Automatic Submission: When the extension detects a file with a .js extension (or a Content-Type header indicating JavaScript), it extracts the URL and sends it to the specified Jsmon workspace for analysis. Only the URL is submitted, not the response body, so the script must be reachable by Jsmon's analysis service.

  4. No Manual Work: This removes the need to copy and paste JavaScript URLs by hand or to run command-line tools while browsing or crawling.
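The scope-then-detect pipeline described in items 1 to 3, as an added Python model. This is not code from the Jsmon extension (which ships as a Java .jar and runs inside Burp against live proxy events); it is an offline illustration that you can run against exported proxy history. Assumptions not taken from this page: the scope is a list of host patterns ("example.com" exact, "*.example.com" for the domain and any subdomain), each history entry is a dict with the request URL and the response Content-Type, and the final upload is a caller-supplied callable because the Jsmon HTTP API is not documented here. The constructed sample history below is invented to exercise the edge cases: a cache-busting query string, a duplicate, a script with no .js extension served as text/javascript, a URL whose ".js" only appears in a query parameter, and an out-of-scope analytics script.

```python
"""Offline model of the extension's passive filter: which proxy URLs get forwarded.

Added illustration, not the Jsmon extension's own code. Scope format, entry
format and the submit callback are assumptions made for this example.
"""
from typing import Callable, Iterable, List, Optional
from urllib.parse import urlsplit

# MIME types treated as JavaScript; parameters such as "; charset=utf-8" are ignored.
JS_MIME_TYPES = {
    "application/javascript",
    "application/x-javascript",
    "text/javascript",
    "application/ecmascript",
    "text/ecmascript",
}


def host_in_scope(host: str, scope: Iterable[str]) -> bool:
    """Burp-style host match: exact host, or the domain and any subdomain for '*.domain'.

    The suffix check requires a leading dot so that 'example.com.evil.net'
    is not matched by '*.example.com'.
    """
    host = host.lower().rstrip(".")
    for pattern in scope:
        pattern = pattern.lower()
        if pattern.startswith("*."):
            base = pattern[2:]
            if host == base or host.endswith("." + base):
                return True
        elif host == pattern:
            return True
    return False


def looks_like_js(url: str, content_type: Optional[str]) -> bool:
    """True if the URL path ends in .js (query string ignored) or the response MIME type is JavaScript."""
    if urlsplit(url).path.lower().endswith(".js"):
        return True
    if content_type:
        mime = content_type.split(";", 1)[0].strip().lower()
        return mime in JS_MIME_TYPES
    return False


def select_js_urls(entries: Iterable[dict], scope: Iterable[str]) -> List[str]:
    """Apply the checks in the extension's order: scope first, then JS detection, then dedupe.

    Checking scope first guarantees that out-of-scope URLs never leave the
    machine, even when they are JavaScript.
    """
    seen = set()
    selected = []
    for entry in entries:
        url = entry["url"]
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https"):
            continue
        if not host_in_scope(parts.hostname or "", scope):
            continue
        if not looks_like_js(url, entry.get("content_type")):
            continue
        if url in seen:  # the same script seen twice is submitted once
            continue
        seen.add(url)
        selected.append(url)
    return selected


def forward(entries: Iterable[dict], scope: Iterable[str], submit: Callable[[str], None]) -> int:
    """Run the filter and hand each selected URL to the (assumed) submit callback; returns the count."""
    urls = select_js_urls(entries, scope)
    for url in urls:
        submit(url)
    return len(urls)


# Constructed sample proxy history (invented for this example, not real traffic).
SAMPLE_HISTORY = [
    {"url": "https://app.example.com/static/main.js?v=3", "content_type": "application/javascript; charset=utf-8"},
    {"url": "https://app.example.com/static/main.js?v=3", "content_type": "application/javascript; charset=utf-8"},
    {"url": "https://cdn.example.com/vendor/bundle", "content_type": "text/javascript"},
    {"url": "https://app.example.com/api/users?file=evil.js", "content_type": "application/json"},
    {"url": "https://www.google-analytics.com/analytics.js", "content_type": "text/javascript"},
    {"url": "https://app.example.com/index.html", "content_type": "text/html"},
]
SAMPLE_SCOPE = ["*.example.com"]

if __name__ == "__main__":
    for url in select_js_urls(SAMPLE_HISTORY, SAMPLE_SCOPE):
        print(url)
```

Running the sample yields exactly two URLs: the main.js bundle once (the duplicate is dropped, and the query string is kept because it may select a different build) and the extension-less bundle that is recognised by its Content-Type. The analytics script is discarded by the scope check before JS detection ever runs, which is the property you rely on when you let an extension forward URLs to an external service.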

Benefits and Intelligence

The submitted JS URLs are then processed by Jsmon's analysis engine, providing the following security intelligence without any further action required in Burp:

  • Hardcoded Secrets: Identification of exposed API keys, tokens, and credentials.

  • Internal Network Exposure: Discovery of internal IP addresses, Docker/Kubernetes service names, and internal hostnames.

  • Asset Takeover Risk: Listing referenced cloud assets (such as S3 buckets or Elastic Beanstalk URLs) that are no longer registered and could be claimed by an attacker.

  • Dependency Confusion: Alerts for package names referenced by the target application that may be unclaimed on public registries.

4. Viewing Results

All collected URLs and their analysis results are available in your Jsmon web dashboard.

  1. Jsmon Web App: Log into https://jsmon.sh.

  2. JS URLs Section: Open the workspace whose ID you configured in Burp; its JS URLs section lists the live set of URLs submitted by the extension.

  3. Deep Querying: Use the JS Intelligence and Keys & Secrets sections on the web app for detailed filtering and security analysis of the findings.
