Uses to search in the JS URLs to query the results via the hostnames.
field=emails domain=youtube.com - Shows emails present in JS files of youtube.com/*
field=emails domain=www.youtube.com - Shows emails, JS files(www.youtube.com/*)
field=emails domain=youtube.com/static/ - Show emails, JS files(youtube.com/static/)
field=emails domain=photos.google.com sub=true - Shows emails present in JS files of *.photos.google.com/*
field=emails domain=domain=youtube.com sub=true - Shows emails present in JS files of *.youtube.com/*
By default only 1000 results are shown, use the page parameter to go next to next page.
field=jsUrls - Shows JS files
field=exposure - Shows exposed keys/secrets present inside JS files
field=apiPaths - Shows API paths present in JS files
field=emails - Shows emails present in JS files
field=ipv4Addresses - Shows IPv4 addresses present in JS files
field=ipv6Addresses - Shows IPv6 addresses present in JS files
field=guids - Shows GUIDs present in JS files
field=extractedDomains - Shows domains present in JS files
field=extractedUrls - Shows URLs present in JS files
field=localhostUrls - Shows localhost URLs present in JS files
field=fileExtensionUrls - Shows URLs with file extensions present inside JS files
field=gqlQuery - Shows GraphQL queries present in JS files
field=gqlMutation - Shows GraphQL mutations present in JS files
field=gqlFragment - Shows GraphQL fragments present in JS files
field=s3Domains - Shows s3 buckets present in JS files
field=s3DomainsInvalid - Shows s3 bucket takeovers present in JS files
field=validNodeModules - Shows valid node modules present in JS files
field=nodeModulesWithDependencyConfusion - Shows npm dependency confusions
Client-side vulnerabilities
field=vuln.setTimeoutCall - Shows setTimeoutCall() occurrences inside JS files
field=vuln.exec - Shows exec() occurrences inside JS files
field=vuln.execData - Shows execData() occurrences inside JS files
field=vuln.domBasedDOS - Shows domBasedDOS vulnerable function inside JS files
