BestRecon is a browser-based recon tool to gather information about your target and analyze their security on browser.
This extenison still in development PR's are welcome!
It finds all the javascript files and links(hrefs) from HTML and analysis them and make a request to JavaScript files and search sensitive information inside of the JavaScript files it will soon find all the API endpoints from the JavaScript files.
- git clone https://github.com/Mirhatyasar/BestRecon.git
- go to chrome://extensions
- click on Load unpacked extension and select BestRecon folder
- Find API endpoints
- Instead of consoling them show them in UI
- Find API_KEYS and check if they are valid