@shriyanss/js-recon 1.0.0 → 1.1.0-beta.2

package/build/utility/makeReq.js

@@ -0,0 +1,265 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import chalk from "chalk";
+import puppeteer from "puppeteer";
+import * as globals from "./globals.js";
+import { get } from "../api_gateway/genReq.js";
+import fs from "fs";
+// random user agents
+const UAs = [
+    "Chrome/Windows: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36",
+    "Chrome/Windows: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36",
+    "Chrome/Windows: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36",
+    "Chrome/macOS: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36",
+    "Chrome/Linux: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36",
+    "Chrome/iPhone: Mozilla/5.0 (iPhone; CPU iPhone OS 14_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/87.0.4280.77 Mobile/15E148 Safari/604.1",
+    "Chrome/iPhone (request desktop): Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/87 Version/11.1.1 Safari/605.1.15",
+    "Chrome/iPad: Mozilla/5.0 (iPad; CPU OS 14_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/87.0.4280.77 Mobile/15E148 Safari/604.1",
+    "Chrome/iPod: Mozilla/5.0 (iPod; CPU iPhone OS 14_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/87.0.4280.77 Mobile/15E148 Safari/604.1",
+    "Chrome/Android: Mozilla/5.0 (Linux; Android 10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.101 Mobile Safari/537.36",
+    "Chrome/Android: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.101 Mobile Safari/537.36",
+    "Chrome/Android: Mozilla/5.0 (Linux; Android 10; LM-Q720) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.101 Mobile Safari/537.36",
+    "Firefox/Windows: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0",
+    "Firefox/macOS: Mozilla/5.0 (Macintosh; Intel Mac OS X 11.1; rv:84.0) Gecko/20100101 Firefox/84.0",
+    "Firefox/Linux: Mozilla/5.0 (X11; Linux i686; rv:84.0) Gecko/20100101 Firefox/84.0",
+    "Firefox/iPhone: Mozilla/5.0 (iPhone; CPU iPhone OS 11_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/30.0 Mobile/15E148 Safari/605.1.15",
+    "Firefox/iPad: Mozilla/5.0 (iPad; CPU OS 11_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/30.0 Mobile/15E148 Safari/605.1.15",
+    "Firefox/Android: Mozilla/5.0 (Android 11; Mobile; rv:68.0) Gecko/68.0 Firefox/84.0",
+    "Safari/macOS: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.2 Safari/605.1.15",
+    "Safari/iPhone: Mozilla/5.0 (iPhone; CPU iPhone OS 14_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0 Mobile/15E148 Safari/604.1",
+    "Safari/iPhone (request desktop): Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.3 Safari/605.1.15",
+    "Safari/iPad: Mozilla/5.0 (iPad; CPU OS 14_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0 Mobile/15E148 Safari/604.1",
+    "IE11/Windows: Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko",
+    "Edge/Windows: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.66",
+    "Edge/macOS: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.66",
+    "Edge/Android: Mozilla/5.0 (Linux; Android 10; HD1913) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.101 Mobile Safari/537.36 EdgA/45.12.4.5121",
+    "Edge/iOS: Mozilla/5.0 (iPhone; CPU iPhone OS 14_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0 EdgiOS/45.11.11 Mobile/15E148 Safari/605.1.15",
+    "Opera/Windows: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.329",
+    "Opera/macOS: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.329",
+    "Opera/Linux: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 OPR/73.0.3856.329",
+    "Opera/Android: Mozilla/5.0 (Linux; Android 10; VOG-L29) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.101 Mobile Safari/537.36 OPR/61.1.3076.56625",
+    "Vivaldi/Windows: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Vivaldi/3.5",
+    "Vivaldi/macOS: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Vivaldi/3.5",
+    "Vivaldi/Linux: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Vivaldi/3.5",
+    "Yandex/Windows: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 YaBrowser/20.12.0 Yowser/2.5 Safari/537.36",
+    "Yandex/macOS: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 YaBrowser/20.12.0 Yowser/2.5 Safari/537.36",
+    "Yandex/iOS: Mozilla/5.0 (iPhone; CPU iPhone OS 14_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0 YaBrowser/20.11.2.199 Mobile/15E148 Safari/604.1",
+    "Yandex/Android: Mozilla/5.0 (Linux; arm_64; Android 11; SM-G965F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.101 YaBrowser/20.12.29.180 Mobile Safari/537.36",
+    "Chrome/ChromeOS: Mozilla/5.0 (X11; CrOS x86_64 13505.63.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36",
+    "Safari/macOS: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.2 Safari/605.1.15",
+    "Firefox/macOS: Mozilla/5.0 (Macintosh; Intel Mac OS X 11.1; rv:84.0) Gecko/20100101 Firefox/84.0",
+    "Chrome/macOS: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36",
+    "Vivaldi/macOS: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Vivaldi/3.5",
+    "Edge/macOS: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.66",
+    "Safari/iOS: Mozilla/5.0 (iPhone; CPU iPhone OS 14_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0 Mobile/15E148 Safari/604.1",
+    "Chrome/iOS: Mozilla/5.0 (iPhone; CPU iPhone OS 14_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/87.0.4280.77 Mobile/15E148 Safari/604.1",
+    "Firefox/iOS: Mozilla/5.0 (iPhone; CPU iPhone OS 14_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/30.0 Mobile/15E148 Safari/605.1.15",
+    "Edge/Windows: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.66",
+    "Internet-Explorer/Windows: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko",
+    "Chrome/Windows: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36",
+    "Firefox/Windows: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0",
+    "Vivaldi/Windows: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Vivaldi/3.5",
+    "Chrome/Android: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.101 Mobile Safari/537.36",
+    "Firefox/Android: Mozilla/5.0 (Android 11; Mobile; rv:68.0) Gecko/68.0 Firefox/84.0",
+];
+const readCache = (url, headers) => __awaiter(void 0, void 0, void 0, function* () {
+    // console.log("reading cache for", url);
+    // open the cache file, build a Response, and return
+    const cache = JSON.parse(fs.readFileSync(globals.getRespCacheFile(), "utf-8"));
+    if (cache[url]) {
+        // check if the response contains the specific request headers
+        // iterate through cache[url] and build a Response
+        let headersMatch = true;
+        // first check if the essential headers match
+        const rscEnabled = headers["RSC"] ? true : false;
+        if (rscEnabled) {
+            if (cache[url].rsc) {
+                return new Response(atob(cache[url].rsc.body_b64), {
+                    status: cache[url].rsc.status,
+                    headers: cache[url].rsc.resp_headers,
+                });
+            }
+        }
+        if (!rscEnabled && cache[url] && cache[url].normal) {
+            return new Response(atob(cache[url].normal.body_b64), {
+                status: cache[url].normal.status,
+                headers: cache[url].normal.resp_headers,
+            });
+        }
+    }
+    // console.log("cache not found for ", url);
+    return null;
+});
+const writeCache = (url, headers, response) => __awaiter(void 0, void 0, void 0, function* () {
+    // clone the response
+    const clonedResponse = response.clone();
+    // if cache exists, return
+    if ((yield readCache(url, headers)) !== null) {
+        // console.log("cache already exists for ", url);
+        return;
+    }
+    // open the cache file, and write the response based on the special headers
+    const cache = JSON.parse(fs.readFileSync(globals.getRespCacheFile(), "utf-8"));
+    if (!cache[url]) {
+        cache[url] = {};
+    }
+    const body = btoa(encodeURIComponent(yield clonedResponse.text()).replace(/%([0-9A-F]{2})/g, (match, p1) => String.fromCharCode(parseInt(p1, 16))));
+    const status = clonedResponse.status;
+    const resp_headers = clonedResponse.headers;
+    if (headers["RSC"]) {
+        cache[url].rsc = {
+            req_headers: headers,
+            status: status,
+            body_b64: body,
+            resp_headers: resp_headers,
+        };
+        // console.log("rsc", url);
+    }
+    else {
+        cache[url].normal = {
+            req_headers: headers,
+            status: status,
+            body_b64: body,
+            resp_headers: resp_headers,
+        };
+        // console.log("normal", url);
+    }
+    fs.writeFileSync(globals.getRespCacheFile(), JSON.stringify(cache));
+    // console.log("wrote cache for ", url);
+});
+const makeRequest = (url, args) => __awaiter(void 0, void 0, void 0, function* () {
+    // if cache is enabled, read the cache and return if cache is present. else, continue
+    if (!globals.getDisableCache()) {
+        const cachedResponse = yield readCache(url, (args === null || args === void 0 ? void 0 : args.headers) || {});
+        if (cachedResponse !== null) {
+            return cachedResponse;
+        }
+    }
+    if (globals.useApiGateway) {
+        let get_headers;
+        if (args && args.headers) {
+            get_headers = args.headers;
+        }
+        else {
+            get_headers = {
+                "User-Agent": UAs[Math.floor(Math.random() * UAs.length)],
+                Accept: "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
+                "Accept-Language": "en-US,en;q=0.9",
+                "Sec-Fetch-Site": "same-origin",
+                "Sec-Fetch-Mode": "cors",
+                "Sec-Fetch-Dest": "empty",
+                Referer: url,
+                Origin: url,
+            };
+        }
+        const body = yield get(url, get_headers);
+        // craft a Response, and return that
+        const response = new Response(body);
+        // if cache is enabled, write the response to the cache
+        if (!globals.getDisableCache()) {
+            yield writeCache(url, get_headers, response);
+        }
+        return response;
+    }
+    else {
+        if (args === undefined) {
+            args = {
+                headers: {
+                    "User-Agent": UAs[Math.floor(Math.random() * UAs.length)],
+                    Accept: "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
+                    "Accept-Language": "en-US,en;q=0.9",
+                    "Sec-Fetch-Site": "same-origin",
+                    "Sec-Fetch-Mode": "cors",
+                    "Sec-Fetch-Dest": "empty",
+                    Referer: url,
+                    Origin: url,
+                },
+            };
+        }
+        let res;
+        let counter = 0;
+        while (true) {
+            try {
+                res = yield fetch(url, args);
+                if (res) {
+                    break;
+                }
+            }
+            catch (err) {
+                counter++;
+                if (counter > 10) {
+                    console.log(chalk.red(`[!] Failed to fetch ${url} : ${err}`));
+                    return null;
+                }
+                // sleep 0.5 s before retrying
+                yield new Promise((resolve) => setTimeout(resolve, 500));
+                continue;
+            }
+        }
+        const preservedRes = res.clone();
+        // check if this is a firewall
+        // CF first
+        const resp_text = yield res.text();
+        if (resp_text.includes("/?bm-verify=")) {
+            console.log(chalk.yellow(`[!] CF Firewall detected. Trying to bypass with headless browser`));
+            // if it is, load it in a headless browser
+            const browser = yield puppeteer.launch({
+                headless: true,
+                args: [
+                    "--disable-gpu",
+                    "--disable-dev-shm-usage",
+                    "--disable-setuid-sandbox",
+                    "--no-sandbox",
+                ],
+            });
+            const page = yield browser.newPage();
+            yield page.goto(url);
+            yield new Promise((resolve) => setTimeout(resolve, 5000));
+            const content = yield page.content();
+            yield browser.close();
+            // if cache is enabled, write the response to the cache
+            if (!globals.getDisableCache()) {
+                yield writeCache(url, {}, new Response(content));
+            }
+            return new Response(content);
+        }
+        else if (resp_text.includes("<title>Just a moment...</title>")) {
+            console.log(chalk.yellow(`[!] CF Firewall detected. Trying to bypass with headless browser`));
+            // if it is, load it in a headless browser
+            const browser = yield puppeteer.launch({
+                headless: true,
+                args: [
+                    "--disable-gpu",
+                    "--disable-dev-shm-usage",
+                    "--disable-setuid-sandbox",
+                    "--no-sandbox",
+                ],
+            });
+            const page = yield browser.newPage();
+            yield page.goto(url);
+            yield new Promise((resolve) => setTimeout(resolve, 5000));
+            const content = yield page.content();
+            yield browser.close();
+            // if cache is enabled, write the response to the cache
+            if (!globals.getDisableCache()) {
+                yield writeCache(url, {}, new Response(content));
+            }
+            return new Response(content);
+        }
+        // if cache is enabled, write the response to the cache
+        if (!globals.getDisableCache()) {
+            const resToCache = preservedRes.clone();
+            yield writeCache(url, (args === null || args === void 0 ? void 0 : args.headers) || {}, resToCache);
+        }
+        return preservedRes;
+    }
+});
+export default makeRequest;
+//# sourceMappingURL=makeReq.js.map

package/build/utility/makeReq.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"makeReq.js","sourceRoot":"","sources":["../../src/utility/makeReq.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,SAAS,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,OAAO,MAAM,cAAc,CAAC;AACxC,OAAO,EAAE,GAAG,EAAE,MAAM,0BAA0B,CAAC;AAC/C,OAAO,EAAE,MAAM,IAAI,CAAC;AAEpB,qBAAqB;AACrB,MAAM,GAAG,GAAG;IACR,oIAAoI;IACpI,+HAA+H;IAC/H,wHAAwH;IACxH,qIAAqI;IACrI,wHAAwH;IACxH,8JAA8J;IAC9J,mKAAmK;IACnK,mJAAmJ;IACnJ,0JAA0J;IAC1J,kIAAkI;IAClI,4IAA4I;IAC5I,2IAA2I;IAC3I,iGAAiG;IACjG,kGAAkG;IAClG,mFAAmF;IACnF,0JAA0J;IAC1J,+IAA+I;IAC/I,oFAAoF;IACpF,oIAAoI;IACpI,wJAAwJ;IACxJ,0JAA0J;IAC1J,6IAA6I;IAC7I,8EAA8E;IAC9E,kJAAkJ;IAClJ,mJAAmJ;IACnJ,0JAA0J;IAC1J,sKAAsK;IACtK,qJAAqJ;IACrJ,sJAAsJ;IACtJ,yIAAyI;IACzI,8JAA8J;IAC9J,4IAA4I;IAC5I,kJAAkJ;IAClJ,qIAAqI;IACrI,4JAA4J;IAC5J,kKAAkK;IAClK,2KAA2K;IAC3K,2KAA2K;IAC3K,qIAAqI;IACrI,oIAAoI;IACpI,kGAAkG;IAClG,qIAAqI;IACrI,kJAAkJ;IAClJ,mJAAmJ;IACnJ,qJAAqJ;IACrJ,2JAA2J;IAC3J,uJAAuJ;IACvJ,kJAAkJ;IAClJ,kGAAkG;IAClG,oIAAoI;IACpI,iGAAiG;IACjG,4IAA4I;IAC5I,kIAAkI;IAClI,oFAAoF;CACvF,CAAC;AAEF,MAAM,SAAS,GAAG,CAAO,GAAW,EAAE,OAAW,EAAE,EAAE;IACjD,yCAAyC;IACzC,oDAAoD;IACpD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CACpB,EAAE,CAAC,YAAY,CAAC,OAAO,CAAC,gBAAgB,EAAE,EAAE,OAAO,CAAC,CACvD,CAAC;IACF,IAAI,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;QACb,8DAA8D;QAC9D,kDAAkD;QAElD,IAAI,YAAY,GAAG,IAAI,CAAC;QAExB,6CAA6C;QAC7C,MAAM,UAAU,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC;QACjD,IAAI,UAAU,EAAE,CAAC;YACb,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC;gBACjB,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE;oBAC/C,MAAM,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM;oBAC7B,OAAO,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,YAAY;iBACvC,CAAC,CAAC;YACP,CAAC;QACL,CAAC;QACD,IAAI,CAAC,UAAU,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC;YACjD,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE;gBAClD,MAAM,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,MAAM;gBAChC,OAAO,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,YAAY;aAC1C,CAAC,CAAC;QACP,CAAC;IACL,CAAC;IACD,4CAA4C;IAC5C,OAAO,IAAI,CAAC;AAChB,CAAC,CAAA,CAAC;AAEF,MAAM,UAAU,GAAG,CAAO,GAAW,EAAE,OAAW,EAAE,QAAkB,EAAE,EAAE;IACtE,qBAAqB;IACrB,MAAM,cAAc,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAC;IAExC,0BAA0B;IAC1B,IAAI,CAAC,MAAM,SAAS,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC3C,iDAAiD;QACjD,OAAO;IACX,CAAC;IAED,2EAA2E;IAC3E,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CACpB,EAAE,CAAC,YAAY,CAAC,OAAO,CAAC,gBAAgB,EAAE,EAAE,OAAO,CAAC,CACvD,CAAC;IACF,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;QACd,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;IACpB,CAAC;IAED,MAAM,IAAI,GAAG,IAAI,CACb,kBAAkB,CAAC,MAAM,cAAc,CAAC,IAAI,EAAE,CAAC,CAAC,OAAO,CACnD,iBAAiB,EACjB,CAAC,KAAK,EAAE,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CACvD,CACJ,CAAC;IACF,MAAM,MAAM,GAAG,cAAc,CAAC,MAAM,CAAC;IACrC,MAAM,YAAY,GAAG,cAAc,CAAC,OAAO,CAAC;IAC5C,IAAI,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACjB,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG;YACb,WAAW,EAAE,OAAO;YACpB,MAAM,EAAE,MAAM;YACd,QAAQ,EAAE,IAAI;YACd,YAAY,EAAE,YAAY;SAC7B,CAAC;QACF,2BAA2B;IAC/B,CAAC;SAAM,CAAC;QACJ,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG;YAChB,WAAW,EAAE,OAAO;YACpB,MAAM,EAAE,MAAM;YACd,QAAQ,EAAE,IAAI;YACd,YAAY,EAAE,YAAY;SAC7B,CAAC;QACF,8BAA8B;IAClC,CAAC;IACD,EAAE,CAAC,aAAa,CAAC,OAAO,CAAC,gBAAgB,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;IACpE,wCAAwC;AAC5C,CAAC,CAAA,CAAC;AAEF,MAAM,WAAW,GAAG,CAAO,GAAW,EAAE,IAAiB,EAAE,EAAE;IACzD,qFAAqF;IACrF,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC;QAC7B,MAAM,cAAc,GAAG,MAAM,SAAS,CAAC,GAAG,EAAE,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,OAAO,KAAI,EAAE,CAAC,CAAC;QACjE,IAAI,cAAc,KAAK,IAAI,EAAE,CAAC;YAC1B,OAAO,cAAc,CAAC;QAC1B,CAAC;IACL,CAAC;IAED,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;QACxB,IAAI,WAAW,CAAC;QAChB,IAAI,IAAI,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACvB,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC;QAC/B,CAAC;aAAM,CAAC;YACJ,WAAW,GAAG;gBACV,YAAY,EAAE,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC;gBACzD,MAAM,EAAE,yIAAyI;gBACjJ,iBAAiB,EAAE,gBAAgB;gBACnC,gBAAgB,EAAE,aAAa;gBAC/B,gBAAgB,EAAE,MAAM;gBACxB,gBAAgB,EAAE,OAAO;gBACzB,OAAO,EAAE,GAAG;gBACZ,MAAM,EAAE,GAAG;aACd,CAAC;QACN,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;QAEzC,oCAAoC;QACpC,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC;QAEpC,uDAAuD;QACvD,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC;YAC7B,MAAM,UAAU,CAAC,GAAG,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAC;QACjD,CAAC;QACD,OAAO,QAAQ,CAAC;IACpB,CAAC;SAAM,CAAC;QACJ,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;YACrB,IAAI,GAAG;gBACH,OAAO,EAAE;oBACL,YAAY,EAAE,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC;oBACzD,MAAM,EAAE,yIAAyI;oBACjJ,iBAAiB,EAAE,gBAAgB;oBACnC,gBAAgB,EAAE,aAAa;oBAC/B,gBAAgB,EAAE,MAAM;oBACxB,gBAAgB,EAAE,OAAO;oBACzB,OAAO,EAAE,GAAG;oBACZ,MAAM,EAAE,GAAG;iBACd;aACJ,CAAC;QACN,CAAC;QACD,IAAI,GAAa,CAAC;QAClB,IAAI,OAAO,GAAG,CAAC,CAAC;QAChB,OAAO,IAAI,EAAE,CAAC;YACV,IAAI,CAAC;gBACD,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;gBAC7B,IAAI,GAAG,EAAE,CAAC;oBACN,MAAM;gBACV,CAAC;YACL,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACX,OAAO,EAAE,CAAC;gBACV,IAAI,OAAO,GAAG,EAAE,EAAE,CAAC;oBACf,OAAO,CAAC,GAAG,CACP,KAAK,CAAC,GAAG,CAAC,uBAAuB,GAAG,MAAM,GAAG,EAAE,CAAC,CACnD,CAAC;oBACF,OAAO,IAAI,CAAC;gBAChB,CAAC;gBACD,8BAA8B;gBAC9B,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC;gBACzD,SAAS;YACb,CAAC;QACL,CAAC;QAED,MAAM,YAAY,GAAG,GAAG,CAAC,KAAK,EAAE,CAAC;QAEjC,8BAA8B;QAC9B,WAAW;QACX,MAAM,SAAS,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QACnC,IAAI,SAAS,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;YACrC,OAAO,CAAC,GAAG,CACP,KAAK,CAAC,MAAM,CACR,kEAAkE,CACrE,CACJ,CAAC;YACF,0CAA0C;YAC1C,MAAM,OAAO,GAAG,MAAM,SAAS,CAAC,MAAM,CAAC;gBACnC,QAAQ,EAAE,IAAI;gBACd,IAAI,EAAE;oBACF,eAAe;oBACf,yBAAyB;oBACzB,0BAA0B;oBAC1B,cAAc;iBACjB;aACJ,CAAC,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,OAAO,EAAE,CAAC;YACrC,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACrB,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;YAC1D,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;YACrC,MAAM,OAAO,CAAC,KAAK,EAAE,CAAC;YAEtB,uDAAuD;YACvD,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC;gBAC7B,MAAM,UAAU,CAAC,GAAG,EAAE,EAAE,EAAE,IAAI,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;YACrD,CAAC;YACD,OAAO,IAAI,QAAQ,CAAC,OAAO,CAAC,CAAC;QACjC,CAAC;aAAM,IAAI,SAAS,CAAC,QAAQ,CAAC,iCAAiC,CAAC,EAAE,CAAC;YAC/D,OAAO,CAAC,GAAG,CACP,KAAK,CAAC,MAAM,CACR,kEAAkE,CACrE,CACJ,CAAC;YACF,0CAA0C;YAC1C,MAAM,OAAO,GAAG,MAAM,SAAS,CAAC,MAAM,CAAC;gBACnC,QAAQ,EAAE,IAAI;gBACd,IAAI,EAAE;oBACF,eAAe;oBACf,yBAAyB;oBACzB,0BAA0B;oBAC1B,cAAc;iBACjB;aACJ,CAAC,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,OAAO,EAAE,CAAC;YACrC,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACrB,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;YAC1D,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;YACrC,MAAM,OAAO,CAAC,KAAK,EAAE,CAAC;YAEtB,uDAAuD;YACvD,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC;gBAC7B,MAAM,UAAU,CAAC,GAAG,EAAE,EAAE,EAAE,IAAI,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;YACrD,CAAC;YACD,OAAO,IAAI,QAAQ,CAAC,OAAO,CAAC,CAAC;QACjC,CAAC;QAED,uDAAuD;QACvD,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC;YAC7B,MAAM,UAAU,GAAG,YAAY,CAAC,KAAK,EAAE,CAAC;YACxC,MAAM,UAAU,CAAC,GAAG,EAAE,CAAA,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,OAAO,KAAI,EAAE,EAAE,UAAU,CAAC,CAAC;QAC3D,CAAC;QACD,OAAO,YAAY,CAAC;IACxB,CAAC;AACL,CAAC,CAAA,CAAC;AAEF,eAAe,WAAW,CAAC"}

package/build/utility/resolvePath.js

@@ -0,0 +1,44 @@
+/**
+ * Resolves a given path against a base URL using the URL constructor.
+ *
+ * The function handles various cases of path resolution:
+ * - If the base URL does not end with a '/', its last segment is treated as a "file",
+ *   and relative paths are resolved from its "directory".
+ * - Examples:
+ *   - url='https://site.com/something', path='./main.js' => 'https://site.com/main.js'
+ *     (Base for resolution becomes 'https://site.com/')
+ *   - url='https://site.com/something/', path='./main.js' => 'https://site.com/something/main.js'
+ *     (Base for resolution is 'https://site.com/something/')
+ *   - url='https://site.com/something/other', path='../main.js' => 'https://site.com/main.js'
+ *     (Base for resolution becomes 'https://site.com/something/', then '../' navigates up)
+ *
+ * @param {string} url - The base URL to resolve against.
+ * @param {string} path - The path to resolve.
+ * @returns {Promise<string>} - A promise that resolves to the fully resolved URL as a string.
+ * @throws Will throw an error if the resolution fails.
+ */
+const resolvePath = (url, path) => {
+    try {
+        // The URL constructor handles various cases of path resolution.
+        // If 'url' (the base URL) does not end with a '/', its last path segment
+        // is typically treated as a "file", and relative paths are resolved
+        // from the "directory" containing that "file".
+        // This behavior aligns with the provided examples:
+        // - url='https://site.com/something', path='./main.js' => 'https://site.com/main.js'
+        //   (Base for resolution becomes 'https://site.com/')
+        // - url='https://site.com/something/', path='./main.js' => 'https://site.com/something/main.js'
+        //   (Base for resolution is 'https://site.com/something/')
+        // - url='https://site.com/something/other', path='../main.js' => 'https://site.com/main.js'
+        //   (Base for resolution becomes 'https://site.com/something/', then '../' navigates up)
+        const resolvedUrl = new URL(path, url);
+        return resolvedUrl.href;
+    }
+    catch (e) {
+        console.error(`Error resolving path "${path}" with base URL "${url}": ${e.message}`);
+        // Rethrowing the error to signal failure to the caller.
+        // Alternative error handling (e.g., returning null) can be implemented if required.
+        throw e;
+    }
+};
+export default resolvePath;
+//# sourceMappingURL=resolvePath.js.map

package/build/utility/resolvePath.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"resolvePath.js","sourceRoot":"","sources":["../../src/utility/resolvePath.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,WAAW,GAAG,CAAC,GAAW,EAAE,IAAY,EAAE,EAAE;IAC9C,IAAI,CAAC;QACD,gEAAgE;QAChE,yEAAyE;QACzE,oEAAoE;QACpE,+CAA+C;QAC/C,mDAAmD;QACnD,qFAAqF;QACrF,sDAAsD;QACtD,gGAAgG;QAChG,2DAA2D;QAC3D,4FAA4F;QAC5F,yFAAyF;QACzF,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QACvC,OAAO,WAAW,CAAC,IAAI,CAAC;IAC5B,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACT,OAAO,CAAC,KAAK,CACT,yBAAyB,IAAI,oBAAoB,GAAG,MAAM,CAAC,CAAC,OAAO,EAAE,CACxE,CAAC;QACF,wDAAwD;QACxD,oFAAoF;QACpF,MAAM,CAAC,CAAC;IACZ,CAAC;AACL,CAAC,CAAC;AAEF,eAAe,WAAW,CAAC"}

package/{utility → build/utility}/runSandboxed.js

@@ -1,8 +1,6 @@
-import 'ses';
-
+import "ses";
 // Lock down the global environment for security
 lockdown();
-
 /**
  * Executes a given function in a sandboxed environment.
  * @param {string} code - The code to execute.
@@ -10,16 +8,15 @@ lockdown();
  * @returns {any} The result of the function execution.
  */
 const execFunc = (code, param) => {
-  const c = new Compartment({
-    console,
-  });
-  const wrappedCode = `
+    const c = new Compartment({
+        console,
+    });
+    const wrappedCode = `
     (${code})
   `;
-  const func = c.evaluate(wrappedCode);
-  const output = func(param);
-
-  return output;
+    const func = c.evaluate(wrappedCode);
+    const output = func(param);
+    return output;
 };
-
-export default execFunc;
+export default execFunc;
+//# sourceMappingURL=runSandboxed.js.map

package/build/utility/runSandboxed.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"runSandboxed.js","sourceRoot":"","sources":["../../src/utility/runSandboxed.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC;AAEb,gDAAgD;AAChD,QAAQ,EAAE,CAAC;AAEX;;;;;GAKG;AACH,MAAM,QAAQ,GAAG,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;IAC7B,MAAM,CAAC,GAAG,IAAI,WAAW,CAAC;QACtB,OAAO;KACV,CAAC,CAAC;IACH,MAAM,WAAW,GAAG;OACjB,IAAI;GACR,CAAC;IACA,MAAM,IAAI,GAAG,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IACrC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC;IAE3B,OAAO,MAAM,CAAC;AAClB,CAAC,CAAC;AAEF,eAAe,QAAQ,CAAC"}

package/{utility → build/utility}/urlUtils.js

@@ -7,16 +7,14 @@
  *   - directory: The directory path, excluding the filename if present (e.g., "/static/js").
  */
 const getURLDirectory = (url) => {
-  const u = new URL(url);
-  const pathname = u.pathname;
-
-  // Remove filename (last part after final /) if it ends with .js or any file extension
-  const dir = pathname.replace(/\/[^\/?#]+\.[^\/?#]+$/, "");
-
-  return {
-    host: u.host, // e.g., "vercel.com" or "localhost:3000"
-    directory: dir, // e.g., "/static/js"
-  };
+    const u = new URL(url);
+    const pathname = u.pathname;
+    // Remove filename (last part after final /) if it ends with .js or any file extension
+    const dir = pathname.replace(/\/[^\/?#]+\.[^\/?#]+$/, "");
+    return {
+        host: u.host, // e.g., "vercel.com" or "localhost:3000"
+        directory: dir, // e.g., "/static/js"
+    };
 };
-
 export { getURLDirectory };
+//# sourceMappingURL=urlUtils.js.map

package/build/utility/urlUtils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"urlUtils.js","sourceRoot":"","sources":["../../src/utility/urlUtils.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,MAAM,eAAe,GAAG,CAAC,GAAG,EAAE,EAAE;IAC5B,MAAM,CAAC,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IACvB,MAAM,QAAQ,GAAG,CAAC,CAAC,QAAQ,CAAC;IAE5B,sFAAsF;IACtF,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,CAAC,uBAAuB,EAAE,EAAE,CAAC,CAAC;IAE1D,OAAO;QACH,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,yCAAyC;QACvD,SAAS,EAAE,GAAG,EAAE,qBAAqB;KACxC,CAAC;AACN,CAAC,CAAC;AAEF,OAAO,EAAE,eAAe,EAAE,CAAC"}

package/docs/CNAME

@@ -0,0 +1 @@
+js-recon.io

package/docs/README.md

@@ -0,0 +1,20 @@
+# js-recon Documentation
+
+Welcome to the official documentation for `js-recon`, a powerful tool for JavaScript reconnaissance. This documentation provides a comprehensive overview of all available commands and their functionalities.
+
+## Available Commands
+
+`js-recon` offers the following commands to help you analyze and extract valuable information from JavaScript files:
+
+- **[Lazyload](./lazyload.md):** Download all Lazy-Loaded JavaScript files from a target URL or a list of URLs.
+- **[Endpoints](./endpoints.md):** Extract client-side from JavaScript files.
+- **[Strings](./strings.md):** Extract strings, URLs, and secrets from JavaScript files.
+- **[API Gateway](./api-gateway.md):** Configure and manage AWS API Gateway for IP rotation.
+- **[Map](./map.md):** Map and analyze functions within JavaScript files. For Next.js, an [interactive mode](./interactive-mode.md) is also available.
+- **[Run](./run.md):** Run essential modules automatically.
+
+Select a command from the list above to view its detailed documentation, including all available options and practical examples.
+
+## Example Scenario
+
+An example scenario is demonstrated on [this](./example-scenario.md) page. The example assumes the app is using Next.JS.

package/docs/api-gateway.md

@@ -0,0 +1,68 @@
+# API Gateway Command
+
+The `api-gateway` command is used to configure and manage AWS API Gateway for the purpose of IP address rotation. This configuration is written to `.api_gateway_config.json` by default. This allows you to make requests from a pool of different IP addresses, which can be useful for avoiding rate limiting.
+
+Note that the only module which makes HTTP request is `lazyload`. So, the configuration generated by this module will only work there.
+
+## Usage
+
+```bash
+js-recon api-gateway [options]
+```
+
+## Options
+
+| Option                      | Alias | Description                                                           | Default                    | Required |
+| --------------------------- | ----- | --------------------------------------------------------------------- | -------------------------- | -------- |
+| `--init`                    | `-i`  | Initialize the config file and create a new API Gateway.              | `false`                    | No       |
+| `--destroy <id>`            | `-d`  | Destroy the API with the given ID.                                    |                            | No       |
+| `--destroy-all`             |       | Destroy all APIs created by this tool in all regions.                 | `false`                    | No       |
+| `--region <region>`         | `-r`  | AWS region to create the API in.                                      | random region              | No       |
+| `--access-key <access-key>` | `-a`  | AWS access key. Uses `AWS_ACCESS_KEY_ID` env var if not provided.     |                            | No       |
+| `--secret-key <secret-key>` | `-s`  | AWS secret key. Uses `AWS_SECRET_ACCESS_KEY` env var if not provided. |                            | No       |
+| `--config <config>`         | `-c`  | Name of the config file (if different from the default)               | `.api_gateway_config.json` | No       |
+| `--list`                    | `-l`  | List all APIs created by this tool.                                   | `false`                    | No       |
+| `--feasibility`             |       | Check the feasibility of using API Gateway for a target.              | `false`                    | No       |
+| `--feasibility-url <url>`   |       | URL to check the feasibility of.                                      |                            | No       |
+
+## Examples
+
+### Initialize API Gateway
+
+Create a new API Gateway and save its configuration:
+
+```bash
+js-recon api-gateway --init
+```
+
+### List Created APIs
+
+List all the API Gateways that have been created by this tool:
+
+```bash
+js-recon api-gateway --list
+```
+
+### Destroy an API
+
+Destroy a specific API Gateway using its ID:
+
+```bash
+js-recon api-gateway --destroy <api-id>
+```
+
+### Destroy All APIs
+
+Destroy all APIs created by this tool in all regions:
+
+```bash
+js-recon api-gateway --destroy-all
+```
+
+### Check Feasibility
+
+Check if a target URL returns a response that contains known traces of firewall. If the result says firewall detected, then it means that the target has blocked the IP addresses originating from the AWS infrastructure.
+
+```bash
+js-recon api-gateway --feasibility --feasibility-url https://example.com
+```

package/docs/endpoints.md

@@ -0,0 +1,49 @@
+# Endpoints Command
+
+The `endpoints` command is used to extract client-side endpoints from a directory of JavaScript files. It identifies potential client-side paths and organizes them for further analysis.
+
+## Usage
+
+```bash
+js-recon endpoints [options]
+```
+
+## Options
+
+| Option                                  | Alias | Description                                                                         | Default     | Required |
+| --------------------------------------- | ----- | ----------------------------------------------------------------------------------- | ----------- | -------- |
+| `--url <url>`                           | `-u`  | Target Base URL (will be used to resolve relative paths).                           |             | Yes      |
+| `--directory <directory>`               | `-d`  | Directory containing JS files.                                                      |             | Yes      |
+| `--output <filename>`                   | `-o`  | Output filename (without file extension).                                           | `endpoints` | No       |
+| `--output-format <format>`              |       | Output format for the results (comma-separated; available: `md`).                   | `md`        | No       |
+| `--tech <tech>`                         | `-t`  | Technology used in the JS files (run with `-l`/`--list` to see available options).  |             | Yes      |
+| `--list`                                | `-l`  | List available technologies.                                                        | `false`     | No       |
+| `--subsequent-requests-dir <directory>` |       | Directory containing subsequent requests. **Required for Next.JS (`--tech next`)**. |             | No       |
+
+## Examples
+
+### Basic Usage
+
+Extract endpoints from a directory of JS files, specifying the technology and target URL:
+
+```bash
+js-recon endpoints -d /path/to/js-files -t <technology> -u https://example.com
+```
+
+### Specify Output File
+
+Extract endpoints and save them to a custom file named `api_paths.md`:
+
+```bash
+js-recon endpoints -d /path/to/js-files -t <technology> -u https://example.com -o api_paths
+```
+
+### Next.JS Usage
+
+When analyzing a Next.JS application, you must specify the technology as `next` and provide the directory containing subsequent requests. These requests are typically captured during the `lazyload` process. Refer to the [example scenario](./example-scenario.md#subseqent-requests) to know detailed guide on this.
+
+```bash
+js-recon endpoints -d /path/to/js-files -t next -u https://example.com --subsequent-requests-dir /path/to/js-files/___subsequent_requests
+```
+
+This command will analyze the JavaScript files and the subsequent requests to extract a comprehensive list of client-side paths and API endpoints specific to the Next.JS framework.