Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-26 14:40:37 +00:00
Code Issues Projects Releases Packages Wiki Activity

Translated ['network-services-pentesting/pentesting-web/code-review-tool

Browse source
This commit is contained in:
Translator 2024-04-18 02:45:16 +00:00
parent 7e8eb66ac6
commit 2b950ec61f
2 changed files with 101 additions and 128 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
SUMMARY.md
View file

@ -801,6 +801,7 @@
* [FISSURE - The RF Framework](todo/radio-hacking/fissure-the-rf-framework.md)
* [Low-Power Wide Area Network](todo/radio-hacking/low-power-wide-area-network.md)
* [Pentesting BLE - Bluetooth Low Energy](todo/radio-hacking/pentesting-ble-bluetooth-low-energy.md)
* [Industrial Control Systems Hacking](todo/industrial-control-systems-hacking/README.md)
* [Burp Suite](todo/burp-suite.md)
* [Other Web Tricks](todo/other-web-tricks.md)
* [Interesting HTTP](todo/interesting-http.md)

228
network-services-pentesting/pentesting-web/code-review-tools.md
View file

@ -1,29 +1,29 @@
# Ukaguzi wa Msimbo wa Chanzo / Zana za SAST
# Mapitio ya Msimbo wa Chanzo / Zana za SAST
<details>
<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>
<summary><strong>Jifunze AWS hacking kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>
Njia nyingine za kusaidia HackTricks:
* Ikiwa unataka kuona **kampuni yako inayotangazwa kwenye HackTricks** au **kupakua HackTricks kwa muundo wa PDF** Angalia [**MPANGO WA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA USAJILI**](https://github.com/sponsors/carlospolop)!
* Pata [**swag rasmi wa PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) ya kipekee
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa kipekee wa [**NFTs**](https://opensea.io/collection/the-peass-family)
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
* **Shiriki mbinu zako za kuhack kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>
## Mwongozo na Orodha ya Zana
## Mwongozo na & Orodha ya zana
* [**https://owasp.org/www-community/Source\_Code\_Analysis\_Tools**](https://owasp.org/www-community/Source\_Code\_Analysis\_Tools)
* [**https://github.com/analysis-tools-dev/static-analysis**](https://github.com/analysis-tools-dev/static-analysis)
## Zana za Lugha Mbalimbali
## Zana za Lugha Nyingi
### [Naxus - AI-Gents](https://www.naxusai.com/)
Kuna **pakiti ya bure ya kukagua PRs**.
Kuna **mfuko wa bure wa kupitia PRs**.
### [**Semgrep**](https://github.com/returntocorp/semgrep)
@ -31,13 +31,13 @@ Ni **zana ya chanzo wazi**.
#### Lugha Zinazoungwa Mkono
| Jamii | Lugha |
| Jamii | Lugha |
| ------------ | ----------------------------------------------------------------------------------------------------- |
| GA | C# · Go · Java · JavaScript · JSX · JSON · PHP · Python · Ruby · Scala · Terraform · TypeScript · TSX |
| Beta | Kotlin · Rust |
| Experimental | Bash · C · C++ · Clojure · Dart · Dockerfile · Elixir · HTML · Julia · Jsonnet · Lisp · |
| Kielelezo | Bash · C · C++ · Clojure · Dart · Dockerfile · Elixir · HTML · Julia · Jsonnet · Lisp · |
#### Mwanzo wa Haraka
#### Kuanza Haraka
{% code overflow="wrap" %}
```bash
@ -50,13 +50,13 @@ semgrep scan --config auto
```
{% endcode %}
Unaweza pia kutumia [**Kifaa cha Upanuzi cha semgrep VSCode**](https://marketplace.visualstudio.com/items?itemName=Semgrep.semgrep) ili kupata matokeo ndani ya VSCode.
Unaweza pia kutumia [**Kifaa cha Uzalishaji wa VSCode cha semgrep**](https://marketplace.visualstudio.com/items?itemName=Semgrep.semgrep) kupata matokeo ndani ya VSCode.
### [**SonarQube**](https://www.sonarsource.com/products/sonarqube/downloads/)
Kuna toleo la **bure linaloweza kusakinishwa**.
Kuna **toleo huru linaloweza kusakinishwa**.
#### Mwanzo wa Haraka
#### Kuanza Haraka
{% code overflow="wrap" %}
```bash
@ -80,7 +80,7 @@ sonar-scanner \
### CodeQL
Kuna **toleo la bure linaloweza kusakinishwa** lakini kulingana na leseni unaweza **kutumia toleo la bure la codeQL katika miradi ya chanzo wazi tu**.
Kuna **toleo la bure linaloweza kusakinishwa** lakini kulingana na leseni unaweza **kutumia toleo la bure la CodeQL katika miradi ya chanzo wazi tu**.
#### Sakinisha
@ -106,9 +106,7 @@ echo 'export PATH="$PATH:/Users/username/codeql/codeql"' >> ~/.zshrc
## Open a new terminal
codeql resolve qlpacks #Get paths to QL packs
```
{% endcode %}
#### Mwanzo wa Haraka - Andaa database
#### Kuanza Haraka - Andaa database
{% hint style="success" %}
Jambo la kwanza unalohitaji kufanya ni **kuandaa database** (umba mti wa nambari) ili baadaye maswali yaweze kutekelezwa juu yake.
@ -127,10 +125,10 @@ codeql database create /path/repo/codeql_db --source-root /path/repo
{% endcode %}
{% hint style="danger" %}
Hii **kawaida itasababisha kosa** linalosema kwamba lugha zaidi ya moja zilitajwa (au ziligunduliwa kiotomatiki). **Angalia chaguo zifuatazo** ili kurekebisha hili!
Hii **kawaida itasababisha kosa** linalosema kwamba zaidi ya lugha moja ilitajwa (au ikagunduliwa moja kwa moja). **Angalia chaguo zifuatazo** kusahihisha hili!
{% endhint %}
* Unaweza kufanya hivi **kwa kuelezea kwa mkono** **repo** na **lugha** ([orodha ya lugha](https://docs.github.com/en/code-security/codeql-cli/getting-started-with-the-codeql-cli/preparing-your-code-for-codeql-analysis#running-codeql-database-create))
* Unaweza kufanya hivi **kwa mkono ukionyesha** **repo** na **lugha** ([orodha ya lugha](https://docs.github.com/en/code-security/codeql-cli/getting-started-with-the-codeql-cli/preparing-your-code-for-codeql-analysis#running-codeql-database-create))
{% code overflow="wrap" %}
```bash
@ -142,7 +140,7 @@ codeql database create /path/repo/codeql_db --language javascript --source-root
```
{% endcode %}
* Ikiwa repo yako inatumia **zaidi ya lugha 1**, unaweza pia kuunda **1 DB kwa kila lugha** ikionyesha kila lugha.
* Ikiwa repo yako inatumia **lugha zaidi ya 1**, unaweza pia kuunda **DB 1 kwa kila lugha** ikionyesha kila lugha.
{% code overflow="wrap" %}
```bash
@ -156,7 +154,9 @@ codeql database create /path/repo/codeql_db --source-root /path/to/repo --db-clu
```
{% endcode %}
* Unaweza pia kuruhusu `codeql` kutambua lugha zote kwa ajili yako na kuunda DB kwa kila lugha. Unahitaji kumpa **GITHUB\_TOKEN**.
* Unaweza pia kuruhusu `codeql` kutambua **lugha zote** kwa niaba yako na kuunda DB kwa kila lugha. Unahitaji kumpa **GITHUB\_TOKEN**.
{% code overflow="wrap" %}
```bash
export GITHUB_TOKEN=ghp_32849y23hij4...
codeql database create <database> --db-cluster --source-root </path/to/repo>
@ -168,13 +168,13 @@ codeql database create /tmp/codeql_db --db-cluster --source-root /path/repo
```
{% endcode %}
#### Mwanzo wa Haraka - Tathmini Kanuni
#### Anza Haraka - Tathmini nambari
{% hint style="success" %}
Sasa ni wakati wa mwisho wa kuchambua kanuni
Sasa ni wakati wa mwisho wa kuchambua nambari
{% endhint %}
Kumbuka kwamba ikiwa ulitumia lugha kadhaa, **DB kwa kila lugha** itakuwa imeundwa katika njia uliyotaja.
Kumbuka kwamba ikiwa ulitumia lugha kadhaa, **DB kwa kila lugha** ingekuwa imeundwa katika njia uliyotaja.
{% code overflow="wrap" %}
```bash
@ -194,7 +194,9 @@ javascript-security-extended --sarif-category=javascript \
--sarif-add-baseline-file-info --format=sarif-latest \
--output=/tmp/sec-extended.sarif
```
#### Mwanzo wa Haraka - Kwa Kutumia Script
{% endcode %}
#### Kuanza Haraka - Kimeandikwa
{% code overflow="wrap" %}
```bash
@ -217,15 +219,15 @@ echo $FINAL_MSG
```
{% endcode %}
Unaweza kuona matokeo katika [**https://microsoft.github.io/sarif-web-component/**](https://microsoft.github.io/sarif-web-component/) au kwa kutumia kifaa cha VSCode [**SARIF viewer**](https://marketplace.visualstudio.com/items?itemName=MS-SarifVSCode.sarif-viewer).
Unaweza kuona matokeo kwenye [**https://microsoft.github.io/sarif-web-component/**](https://microsoft.github.io/sarif-web-component/) au kutumia kifaa cha VSCode [**SARIF viewer**](https://marketplace.visualstudio.com/items?itemName=MS-SarifVSCode.sarif-viewer).
Unaweza pia kutumia [**kifaa cha VSCode**](https://marketplace.visualstudio.com/items?itemName=GitHub.vscode-codeql) ili kupata matokeo ndani ya VSCode. Bado utahitaji kuunda database kwa mkono, lakini kisha unaweza kuchagua faili yoyote na bonyeza `Right Click` -> `CodeQL: Run Queries in Selected Files`
Unaweza pia kutumia [**kifaa cha VSCode**](https://marketplace.visualstudio.com/items?itemName=GitHub.vscode-codeql) kupata matokeo ndani ya VSCode. Bado utahitaji kuunda database kwa mkono, lakini baadaye unaweza kuchagua faili yoyote na bonyeza `Right Click` -> `CodeQL: Run Queries in Selected Files`
### [**Snyk**](https://snyk.io/product/snyk-code/)
Kuna **toleo la bure linaloweza kusakinishwa**.
#### Mwanzo wa Haraka
#### Kuanza Haraka
```bash
# Install
sudo npm install -g snyk
@ -250,13 +252,13 @@ Unaweza pia kutumia [**snyk VSCode Extension**](https://marketplace.visualstudio
### [Insider](https://github.com/insidersec/insider)
Ni **Open Source**, lakini inaonekana **haijasasishwa**.
Ni **Chanzo Huru**, lakini inaonekana **haijatunzwa**.
#### Lugha Zinazoungwa Mkono
#### Lugha Zinazoungwa mkono
Java (Maven na Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, na Javascript (Node.js).
#### Mwanzo wa Haraka
#### Kuanza Haraka
```bash
# Check the correct release for your environment
$ wget https://github.com/insidersec/insider/releases/download/2.1.0/insider_2.1.0_linux_x86_64.tar.gz
@ -287,14 +289,14 @@ npm install -g pnpm
cd /path/to/repo
pnpm audit
```
* [**nodejsscan**](https://github.com/ajinabraham/nodejsscan)**:** Skeneri wa nambari za usalama za kodi (SAST) kwa programu za Node.js zinazotumia [libsast](https://github.com/ajinabraham/libsast) na [semgrep](https://github.com/returntocorp/semgrep).
* [**nodejsscan**](https://github.com/ajinabraham/nodejsscan)**:** Kijikagua msimbo wa usalama wa statiki (SAST) kwa maombi ya Node.js yaliyotumia [libsast](https://github.com/ajinabraham/libsast) na [semgrep](https://github.com/returntocorp/semgrep).
```bash
# Install & run
docker run -it -p 9090:9090 opensecurity/nodejsscan:latest
# Got to localhost:9090
# Upload a zip file with the code
```
* [**RetireJS**](https://github.com/RetireJS/retire.js)**:** Lengo la Retire.js ni kukusaidia kugundua matumizi ya toleo la maktaba ya JS lenye mashimo ya usalama yanayojulikana.
* [**RetireJS**](https://github.com/RetireJS/retire.js)**:** Lengo la Retire.js ni kukusaidia kugundua matumizi ya toleo la maktaba ya JS lenye mapungufu yanayojulikana.
```bash
# Install
npm install -g retire
@ -304,11 +306,11 @@ retire --colors
```
## Electron
* [**electronegativity**](https://github.com/doyensec/electronegativity)**:** Ni chombo cha kutambua mipangilio isiyofaa na mifano ya usalama katika programu zinazotumia Electron.
* [**electronegativity**](https://github.com/doyensec/electronegativity)**:** Ni chombo cha kutambua mipangilio isiyo sahihi na mifano ya usalama katika programu zinazotumia Electron.
## Python
* [**Bandit**](https://github.com/PyCQA/bandit)**:** Bandit ni chombo kilichoundwa ili kutambua matatizo ya kawaida ya usalama katika nambari za Python. Bandit hufanya hivi kwa kusindika kila faili, kujenga AST kutoka kwake, na kukimbia programu husika dhidi ya nodi za AST. Mara Bandit imekamilisha uchunguzi wa faili zote, inazalisha ripoti.
* [**Bandit**](https://github.com/PyCQA/bandit)**:** Bandit ni chombo kilichoundwa kwa lengo la kutambua masuala ya kawaida ya usalama katika nambari za Python. Ili kufanya hivyo, Bandit huprocess kila faili, hujenga AST kutoka kwake, na hutekeleza programu husika dhidi ya nodi za AST. Mara Bandit inapomaliza kutafuta faili zote, inazalisha ripoti.
```bash
# Install
pip3 install bandit
@ -316,14 +318,14 @@ pip3 install bandit
# Run
bandit -r <path to folder>
```
* [**usalama**](https://github.com/pyupio/safety): Usalama hufanya ukaguzi wa utegemezi wa Python kwa ajili ya kasoro za usalama zinazojulikana na kupendekeza marekebisho sahihi kwa kasoro zilizogunduliwa. Usalama unaweza kukimbia kwenye mashine za watengenezaji, kwenye mifumo ya CI/CD na kwenye mifumo ya uzalishaji.
* [**usalama**](https://github.com/pyupio/safety): Usalama hufanya ukaguzi wa mahitaji ya Python kwa mapungufu ya usalama yanayojulikana na kupendekeza marekebisho sahihi kwa mapungufu yaliyogunduliwa. Usalama inaweza kukimbia kwenye mashine za waendelezaji, kwenye mifumo ya CI/CD na kwenye mifumo ya uzalishaji.
```bash
# Install
pip install safety
# Run
safety check
```
* [~~**Pyt**~~](https://github.com/python-security/pyt): Haijasasishwa.
* [~~**Pyt**~~](https://github.com/python-security/pyt): Haijasimamiwa.
## .NET
```bash
@ -335,31 +337,9 @@ C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe test.cs
```
## RUST
RUST ni lugha ya programu inayojulikana kwa usalama wake na utendaji wake wa juu. Inatumika sana katika maendeleo ya programu za mfumo na zana za usalama. Hapa kuna zana kadhaa za ukaguzi wa nambari ambazo zinaweza kutumiwa kwa ukaguzi wa nambari ya RUST:
## RUST
### Clippy
Clippy ni zana ya ukaguzi wa nambari ya RUST ambayo inasaidia kugundua na kurekebisha kasoro za kawaida za programu. Inatoa vidokezo vya kuboresha ubora wa nambari na kuzuia makosa ya kawaida.
### Rustfmt
Rustfmt ni zana ya muundo wa nambari ya RUST ambayo inasaidia kubadilisha muundo wa nambari ili iweze kufuata viwango vya muundo vilivyowekwa. Inasaidia kudumisha muundo wa nambari wa kawaida na kufanya iwe rahisi kusoma na kuelewa.
### Cargo-audit
Cargo-audit ni zana ya ukaguzi wa usalama ya RUST ambayo inasaidia kugundua na kurekebisha kasoro za usalama katika dependencies za mradi wa RUST. Inasaidia kuzuia matumizi ya dependencies ambazo zina kasoro za usalama.
### Rust-analyzer
Rust-analyzer ni zana ya uchambuzi wa nambari ya RUST ambayo inasaidia kutoa vidokezo vya kuboresha ubora wa nambari. Inatoa huduma za kiotomatiki kama vile autocompletion, refactoring, na uchambuzi wa nambari ili kusaidia watumiaji kuandika nambari bora na yenye ufanisi.
### RustSec
RustSec ni zana ya ukaguzi wa usalama ya RUST ambayo inasaidia kugundua na kurekebisha kasoro za usalama katika dependencies za mradi wa RUST. Inatoa habari muhimu kuhusu kasoro za usalama na inasaidia kuchukua hatua za haraka za kurekebisha kasoro hizo.
### Rust Language Server (RLS)
Rust Language Server (RLS) ni zana ya kusaidia maendeleo ya programu ya RUST ambayo inasaidia kutoa huduma za kiotomatiki kama vile autocompletion, refactoring, na uchambuzi wa nambari. Inasaidia watumiaji kuandika nambari bora na yenye ufanisi kwa kutumia lugha ya RUST.
RUST ni lugha ya programu ya kisasa inayojulikana kwa usalama wake na utendaji wake wa haraka. Ni chaguo bora kwa maendeleo ya zana za usalama na upimaji wa usalama.
```bash
# Install
cargo install cargo-audit
@ -372,27 +352,17 @@ cargo audit fetch
```
## Java
Java ni lugha ya programu inayotumika sana kwa maendeleo ya programu za kompyuta. Inajulikana kwa usalama wake na uwezo wake wa kufanya kazi kwenye majukwaa tofauti. Hapa chini ni zana kadhaa za ukaguzi wa nambari za Java ambazo zinaweza kutumika katika mchakato wa ukaguzi wa nambari:
### FindBugs
- **FindBugs**: Zana hii inachunguza nambari ya Java kwa makosa ya kawaida na kasoro. Inaweza kugundua matumizi mabaya ya API, matumizi ya kumbukumbu, na mifumo ya kudhibiti ubora wa nambari.
FindBugs ni chombo cha kupima ubora wa nambari kinachotumika kugundua kasoro za kawaida katika programu za Java.
- **PMD**: Zana hii inachunguza nambari ya Java kwa makosa ya kawaida, mazoea bora, na kasoro. Inaweza kugundua matumizi mabaya ya API, matumizi ya kumbukumbu, na mifumo ya kudhibiti ubora wa nambari.
### PMD
- **Checkstyle**: Zana hii inachunguza nambari ya Java kwa kufuata viwango vya kubuni na miongozo. Inaweza kugundua kasoro za kubuni, kama vile matumizi yasiyofaa ya nafasi na alama za uandishi.
PMD ni chombo kingine cha kupima ubora wa nambari kinachotumika kugundua makosa ya kawaida katika nambari za Java.
- **SonarQube**: Zana hii inachunguza nambari ya Java kwa kasoro, makosa, na mazoea mabaya. Inaweza kugundua matumizi mabaya ya API, matumizi ya kumbukumbu, na mifumo ya kudhibiti ubora wa nambari.
### Checkstyle
- **FindSecBugs**: Zana hii inachunguza nambari ya Java kwa kasoro za usalama. Inaweza kugundua matumizi mabaya ya API, matumizi ya kumbukumbu, na mifumo ya kudhibiti ubora wa nambari.
- **SpotBugs**: Zana hii inachunguza nambari ya Java kwa makosa ya kawaida na kasoro. Inaweza kugundua matumizi mabaya ya API, matumizi ya kumbukumbu, na mifumo ya kudhibiti ubora wa nambari.
- **FindBugs-Security-Extras**: Zana hii inachunguza nambari ya Java kwa kasoro za usalama. Inaweza kugundua matumizi mabaya ya API, matumizi ya kumbukumbu, na mifumo ya kudhibiti ubora wa nambari.
- **Error Prone**: Zana hii inachunguza nambari ya Java kwa makosa ya kawaida na kasoro. Inaweza kugundua matumizi mabaya ya API, matumizi ya kumbukumbu, na mifumo ya kudhibiti ubora wa nambari.
- **Infer**: Zana hii inachunguza nambari ya Java kwa kasoro na makosa. Inaweza kugundua matumizi mabaya ya API, matumizi ya kumbukumbu, na mifumo ya kudhibiti ubora wa nambari.
- **Find-Security-Bugs**: Zana hii inachunguza nambari ya Java kwa kasoro za usalama. Inaweza kugundua matumizi mabaya ya API, matumizi ya kumbukumbu, na mifumo ya kudhibiti ubora wa nambari.
Checkstyle ni chombo kingine cha kupima ubora wa nambari kinachotumika kuhakiki ikiwa nambari inazingatia viwango vilivyowekwa.
```bash
# JD-Gui
https://github.com/java-decompiler/jd-gui
@ -406,14 +376,14 @@ jar cmvf META-INF/MANIFEST.MF test.jar test.class
| Kazi | Amri |
| --------------- | --------------------------------------------------------- |
| Tekeleza Jar | java -jar \[jar] |
| Fungua Jar | unzip -d \[directory ya matokeo] \[jar] |
| Unda Jar | jar -cmf META-INF/MANIFEST.MF \[jar ya matokeo] \* |
| Base64 SHA256 | sha256sum \[faili] \| cut -d' ' -f1 \| xxd -r -p \| base64 |
| Ondoa Saini | rm META-INF/_.SF META-INF/_.RSA META-INF/\*.DSA |
| Futa kutoka Jar | zip -d \[jar] \[faili ya kuondoa] |
| Fungua darasa | procyon -o . \[njia ya darasa] |
| Fungua Jar | procyon -jar \[jar] -o \[directory ya matokeo] |
| Kompaili darasa | javac \[njia ya faili ya .java] |
| Fungua Jar | unzip -d \[directory ya matokeo] \[jar] |
| Unda Jar | jar -cmf META-INF/MANIFEST.MF \[jar ya matokeo] \* |
| Base64 SHA256 | sha256sum \[faili] \| kata -d' ' -f1 \| xxd -r -p \| base64 |
| Ondoa Kusaini | rm META-INF/_.SF META-INF/_.RSA META-INF/\*.DSA |
| Futa kutoka kwa Jar | zip -d \[jar] \[faili ya kuondoa] |
| Changanya darasa | procyon -o . \[njia ya darasa] |
| Changanya Jar | procyon -jar \[jar] -o \[directory ya matokeo] |
| Changanya darasa | javac \[njia ya .java faili] |
## Endelea
```bash
@ -437,67 +407,69 @@ https://github.com/securego/gosec
1. Burp:
* Spider na ugundue maudhui
* Sitemap > chuja
* Sitemap > bofya kulia kwenye kikoa > Zana za Ushiriki > Tafuta hati
* Sitemap > kichuja
* Sitemap > bofya-kulia kwenye kikoa > Zana za Ushirikiano > Tafuta skripti
2. [WaybackURLs](https://github.com/tomnomnom/waybackurls):
* `waybackurls <kikoa> |grep -i "\.js" |sort -u`
### Uchambuzi Statisa
### Uchambuzi Statis
#### Unminimize/Beautify/Prettify
* [https://prettier.io/playground/](https://prettier.io/playground/)
* [https://beautifier.io/](https://beautifier.io/)
* Angalia baadhi ya zana zilizotajwa katika 'Deobfuscate/Unpack' hapo chini pia.
#### Deobfuscate/Unpack
**Note**: Huenda isingewezekana kufanya deobfuscate kikamilifu.
**Angalia**: Huenda isingewezekana kudeobfuscate kabisa.
1. Tafuta na tumia faili za .map:
* Ikiwa faili za .map zimefunuliwa, zinaweza kutumika kufanya deobfuscate kwa urahisi.
* Kawaida, foo.js.map inaonyesha foo.js. Tafuta kwa mkono.
* Ikiwa faili za .map zimefunuliwa, zinaweza kutumika kudeobfuscate kwa urahisi.
* Kawaida, foo.js.map inalingana na foo.js. Tafuta kwa mikono.
* Tumia [JS Miner](https://github.com/PortSwigger/js-miner) kuzitafuta.
* Hakikisha uchunguzi wa moja kwa moja unafanywa.
* Soma '[Machapisho/Maelezo](https://github.com/minamo7sen/burp-JS-Miner/wiki#tips--notes)'
* Ikiwa zimepatikana, tumia [Maximize](https://www.npmjs.com/package/maximize) kufanya deobfuscate.
* Hakikisha uchanganuzi wa moja kwa moja unafanywa.
* Soma '[Vidokezo/Maelezo](https://github.com/minamo7sen/burp-JS-Miner/wiki#tips--notes)'
* Ikiwa zimepatikana, tumia [Maximize](https://www.npmjs.com/package/maximize) kudeobfuscate.
2. Bila faili za .map, jaribu JSnice:
* Marejeo: http://jsnice.org/ & https://www.npmjs.com/package/jsnice
* Marejeo: [http://jsnice.org/](http://jsnice.org/) & [https://www.npmjs.com/package/jsnice](https://www.npmjs.com/package/jsnice)
* Vidokezo:
* Ikiwa unatumia jsnice.org, bofya kitufe cha chaguo karibu na kitufe cha "Nicify JavaScript", na usichague "Infer types" ili kupunguza uchafuzi wa kificho na maoni.
* Hakikisha hauachi mistari tupu kabla ya hati, kwani inaweza kuathiri mchakato wa deobfuscation na kutoa matokeo yasiyo sahihi.
3. Tumia console.log();
* Tafuta thamani ya kurudi mwishoni na ibadilishe kuwa `console.log(<packerReturnVariable>);` ili kificho kilichofanyiwa deobfuscate kiweze kuchapishwa badala ya kutekelezwa.
* Kisha, nakili kificho kilichobadilishwa (na bado kimefichwa) kwenye https://jsconsole.com/ ili uone kificho kilichofanyiwa deobfuscate kikichapishwa kwenye konsoli.
* Hatimaye, nakili matokeo ya deobfuscate kwenye https://prettier.io/playground/ ili kufanya kificho kuwa safi kwa ajili ya uchambuzi.
* **Note**: Ikiwa bado unaona kificho kilichofungwa (lakini tofauti), huenda kimefungwa kwa njia ya kurudia. Rudia mchakato.
* Ikiwa unatumia jsnice.org, bofya kitufe cha chaguo karibu na kitufe cha "Nicify JavaScript", na batilisha "Infer types" ili kupunguza kuchafua kwa namna ya maoni kwenye msimbo.
* Hakikisha hauachi mistari tupu kabla ya skripti, kwani inaweza kuathiri mchakato wa kudeobfuscate na kutoa matokeo yasiyo sahihi.
4. Kwa baadhi ya mbadala wa kisasa zaidi kwa JSNice, unaweza kutaka kutazama yafuatayo:
* [https://github.com/pionxzh/wakaru](https://github.com/pionxzh/wakaru)
* > Decompiler ya Javascript, unpacker na zana ya unminify
> Wakaru ni decompiler ya Javascript kwa mbele ya kisasa. Inarudisha msimbo halisi kutoka chanzo kilichobebwa na kubadilishwa.
* [https://github.com/j4k0xb/webcrack](https://github.com/j4k0xb/webcrack)
* > Deobfuscate obfuscator.io, unminify na unpack javascript iliyobebwa
* [https://github.com/jehna/humanify](https://github.com/jehna/humanify)
* > Un-minify msimbo wa Javascript kwa kutumia ChatGPT
> Zana hii hutumia mifano mikubwa ya lugha (kama ChatGPT & llama2) na zana nyingine kudeobfuscate msimbo wa Javascript. Tafadhali kumbuka kuwa LLMs hazifanyi mabadiliko yoyote ya kimuundo - zinatoa viashiria vya kubadilisha majina ya pembejeo na kazi. Kazi kubwa inafanywa na Babel kwenye kiwango cha AST ili kuhakikisha msimbo unabaki sawa 1-1.
* [https://thejunkland.com/blog/using-llms-to-reverse-javascript-minification.html](https://thejunkland.com/blog/using-llms-to-reverse-javascript-minification.html)
* > Kutumia LLMs kubadilisha majina ya pembejeo ya Javascript vilivyominify
3. Tumia `console.log()`;
* Tafuta thamani ya kurudi mwishoni na ibadilishe kuwa `console.log(<packerReturnVariable>);` ili msimbo uliokudeobfuscate uchapishwe badala ya kutekelezwa.
* Kisha, bandika msimbo uliobadilishwa (na bado umefichwa) kwenye [https://jsconsole.com/](https://jsconsole.com/) kuona msimbo uliokudeobfuscate ukiandikwa kwenye konsoli.
* Hatimaye, bandika pato lililokudeobfuscate kwenye [https://prettier.io/playground/](https://prettier.io/playground/) ili kuupendezesha kwa uchambuzi.
* **Angalia**: Ikiwa bado unaona msimbo uliobebwa (lakini tofauti), huenda umepakiwa kwa njia ya kurudiarudia. Rudia mchakato.
Marejeo
#### Marejeo
* https://www.youtube.com/watch?v=\_v8r\_t4v6hQ
* https://blog.nvisium.com/angular-for-pentesters-part-1
* https://blog.nvisium.com/angular-for-pentesters-part-2
* [YouTube: DAST - Uchambuzi wa Kudumu wa Javascript](https://www.youtube.com/watch?v=_v8r_t4v6hQ)
* [https://blog.nvisium.com/angular-for-pentesters-part-1](https://web.archive.org/web/20221226054137/https://blog.nvisium.com/angular-for-pentesters-part-1)
* [https://blog.nvisium.com/angular-for-pentesters-part-2](https://web.archive.org/web/20230204012439/https://blog.nvisium.com/angular-for-pentesters-part-2)
* [devalias](https://twitter.com/_devalias)'s [GitHub Gists](https://gist.github.com/0xdevalias):
* [Kudeobfuscate / Kufanya Minify Msimbo wa Programu ya Wavuti](https://gist.github.com/0xdevalias/d8b743efb82c0e9406fc69da0d6c6581#deobfuscating--unminifying-obfuscated-web-app-code)
* [Reverse Engineering Webpack Apps](https://gist.github.com/0xdevalias/8c621c5d09d780b1d321bfdb86d67cdd#reverse-engineering-webpack-apps)
* [n.k.](https://gist.github.com/search?q=user:0xdevalias+javascript)
Zana
#### Zana
* https://portswigger.net/burp/documentation/desktop/tools/dom-invader
* [https://portswigger.net/burp/documentation/desktop/tools/dom-invader](https://portswigger.net/burp/documentation/desktop/tools/dom-invader)
#### Marejeo Yasiyotumiwa Sana
#### Marejeo Yanayotumiwa Kidogo
* https://cyberchef.org/
* https://olajs.com/javascript-prettifier
* https://jshint.com/
* https://github.com/jshint/jshint/
<details>
<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
Njia nyingine za kusaidia HackTricks:
* Ikiwa unataka kuona **kampuni yako inatangazwa kwenye HackTricks** au **kupakua HackTricks kwa muundo wa PDF** Angalia [**MPANGO WA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**swag rasmi wa PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**The PEASS Family**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) za kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au **kikundi cha telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PR kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
* [https://cyberchef.org/](https://cyberchef.org/)
* [https://olajs.com/javascript-prettifier](https://olajs.com/javascript-prettifier)
* [https://jshint.com/](https://jshint.com/)
* [https://github.com/jshint/jshint/](https://github.com/jshint/jshint/)