jseye 1.0.1__tar.gz → 1.0.2__tar.gz

{jseye-1.0.1/jseye.egg-info → jseye-1.0.2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: jseye
-Version: 1.0.1
+Version: 1.0.2
 Summary: JavaScript Intelligence & Attack Surface Discovery Tool
 Home-page: https://github.com/letchupkt/jseye
 Author: Lakshmikanthan K

{jseye-1.0.1 → jseye-1.0.2}/jseye/__init__.py

@@ -4,6 +4,6 @@ Author: Lakshmikanthan K (letchupkt)
 License: MIT
 """
 
-__version__ = "1.0.1"
+__version__ = "1.0.2"
 __author__ = "Lakshmikanthan K (letchupkt)"
 __email__ = "letchupkt.dev@gmail.com"

jseye-1.0.2/jseye/__main__.py

@@ -0,0 +1,9 @@
+#!/usr/bin/env python3
+"""
+JSEye package main entry point
+"""
+
+from .cli import main
+
+if __name__ == "__main__":
+    main()

jseye-1.0.2/jseye/banner.py

@@ -0,0 +1,84 @@
+"""
+JSEye Banner Display with Version Checking
+"""
+
+import requests
+from rich.console import Console
+from rich.text import Text
+from rich.align import Align
+from rich.panel import Panel
+from . import __version__
+
+console = Console()
+
+def get_latest_pypi_version():
+    """Get the latest version from PyPI"""
+    try:
+        response = requests.get("https://pypi.org/pypi/jseye/json", timeout=3)
+        if response.status_code == 200:
+            data = response.json()
+            return data["info"]["version"]
+    except:
+        pass
+    return None
+
+def show_banner():
+    """Display the enhanced JSEye banner"""
+    # Add some top padding first
+    console.print()
+    
+    # ASCII Art Banner - clean and properly aligned
+    banner = """   ▄▄▄▄▄▄  ▄▄▄▄▄     ▄▄▄▄▄▄▄            
+  █▀ ██   ██▀▀▀▀█▄  █▀██▀▀▀             
+     ██   ▀██▄  ▄▀    ██                
+     ██     ▀██▄▄     ████   ██ ██ ▄█▀█▄
+     ██   ▄   ▀██▄    ██     ██▄██ ██▄█▀
+     ██   ▀██████▀    ▀█████▄▄▀██▀ ▀██▄▄▄
+ ▄   ██                        ██       
+ ▀████▀                      ▀▀▀        """
+    
+    # Display banner in cyan
+    banner_text = Text(banner, style="cyan bold")
+    console.print(Align.center(banner_text))
+    console.print()
+    
+    # Tagline centered
+    tagline = Text("JavaScript Intelligence & Attack Surface Discovery", style="green bold")
+    console.print(Align.center(tagline))
+    
+    # Version info with PyPI check
+    current_version = f"v{__version__}"
+    version_text = f"Current Version: {current_version}"
+    
+    # Check for latest version on PyPI
+    latest_version = get_latest_pypi_version()
+    if latest_version and latest_version != __version__:
+        version_text += f" | Latest: v{latest_version} (Update available!)"
+        version_style = "yellow bold"
+    else:
+        version_style = "green"
+    
+    version_info = Text(version_text, style=version_style)
+    console.print(Align.center(version_info))
+    
+    # Author info
+    author = Text("Author: Lakshmikanthan K (letchupkt)", style="purple")
+    console.print(Align.center(author))
+    
+    console.print()
+
+def show_performance_banner():
+    """Show performance-focused banner for v1.0.2"""
+    # Performance upgrade banner
+    perf_banner = Panel.fit(
+        "[bold cyan]>> JSEye v1.0.2 - Performance Revolution[/bold cyan]\n"
+        "[green][+] Parallel Tool Execution (3-5x faster)[/green]\n"
+        "[green][+] Smart JS Prioritization (60-70% time saved)[/green]\n"
+        "[green][+] Tiered Analysis Engine[/green]\n"
+        "[green][+] Comprehensive Caching System[/green]\n"
+        "[green][+] Full CPU Utilization[/green]",
+        style="cyan",
+        title="[bold white]Performance Upgrades[/bold white]"
+    )
+    console.print(Align.center(perf_banner))
+    console.print()

jseye-1.0.2/jseye/cli.py

@@ -0,0 +1,182 @@
+#!/usr/bin/env python3
+"""
+JSEye CLI - Enhanced Main Entry Point
+"""
+
+import os
+import sys
+import argparse
+from pathlib import Path
+from rich.console import Console
+from rich.panel import Panel
+
+from .banner import show_banner, show_performance_banner
+from .installer import check_and_install_tools
+from .pipeline import JSEyePipeline
+
+console = Console()
+
+def create_parser():
+    """Create enhanced argument parser"""
+    parser = argparse.ArgumentParser(
+        description="JSEye v1.0.2 - High-Performance JavaScript Intelligence Framework",
+        formatter_class=argparse.RawDescriptionHelpFormatter,
+        epilog="""
+Examples:
+  jseye -i subs.txt -o output                    # Full parallel pipeline
+  jseye -i subs.txt -o output --js-only          # Stop after JS discovery
+  jseye -i subs.txt -o output --no-secrets       # Skip secrets detection
+  jseye -i subs.txt -o output --regex-only       # Only regex analysis
+  jseye -i subs.txt -o output --performance      # Show performance banner
+        """
+    )
+    
+    # Required arguments
+    parser.add_argument("-i", "--input", 
+                       help="Input file containing subdomains")
+    parser.add_argument("-o", "--output",
+                       help="Output directory for results")
+    
+    # Performance and UI options
+    parser.add_argument("--performance", action="store_true",
+                       help="Show performance upgrades banner")
+    parser.add_argument("--no-banner", action="store_true",
+                       help="Skip banner display")
+    
+    # Module control flags
+    parser.add_argument("--js-only", action="store_true",
+                       help="Stop after JavaScript discovery")
+    parser.add_argument("--no-install", action="store_true",
+                       help="Do not auto-install missing tools")
+    parser.add_argument("--skip-ast", action="store_true",
+                       help="Skip AST analysis")
+    parser.add_argument("--regex-only", action="store_true",
+                       help="Only perform regex analysis")
+    parser.add_argument("--no-secrets", action="store_true",
+                       help="Skip secrets detection")
+    parser.add_argument("--no-sinks", action="store_true",
+                       help="Skip sink detection")
+    parser.add_argument("--no-correlate", action="store_true",
+                       help="Skip correlation engine")
+    parser.add_argument("--list-modules", action="store_true",
+                       help="Show available modules and exit")
+    
+    return parser
+
+def list_modules():
+    """List available modules with enhanced display"""
+    modules_info = [
+        ("harvest", "Parallel URL harvesting (gau, waybackurls, katana, hakrawler, subjs)", "[*]"),
+        ("js_filter", "Intelligent JavaScript filtering with prioritization", "[>]"),
+        ("js_download", "Parallel JavaScript file downloading with caching", "[>>]"),
+        ("tiered_analysis", "Smart tiered analysis engine (T1/T2/T3)", "[#]"),
+        ("analyze_regex", "Regex-based pattern analysis", "[~]"),
+        ("analyze_ast", "AST-based code analysis", "[^]"),
+        ("linkfinder", "Enhanced endpoint discovery", "[=]"),
+        ("secrets", "Secret detection with mantra integration", "[!]"),
+        ("sinks", "Vulnerability sink detection", "[?]"),
+        ("correlate", "Intelligence correlation engine", "[<>]"),
+        ("cache", "Comprehensive caching system", "[C]")
+    ]
+    
+    console.print()
+    panel_content = "[bold cyan]JSEye v1.0.2 - Available Modules[/bold cyan]\n\n"
+    
+    for name, desc, symbol in modules_info:
+        panel_content += f"{symbol} [bold green]{name}[/bold green] - {desc}\n"
+    
+    panel = Panel(panel_content.strip(), style="cyan", title="[bold white]Module Overview[/bold white]")
+    console.print(panel)
+    console.print()
+
+def validate_environment():
+    """Validate the runtime environment"""
+    issues = []
+    
+    # Check Python version
+    if sys.version_info < (3, 10):
+        issues.append("Python 3.10+ required")
+    
+    # Check write permissions for output
+    try:
+        test_dir = Path.cwd() / ".jseye_test"
+        test_dir.mkdir(exist_ok=True)
+        test_dir.rmdir()
+    except:
+        issues.append("No write permissions in current directory")
+    
+    return issues
+
+def main():
+    """Enhanced main CLI entry point"""
+    parser = create_parser()
+    args = parser.parse_args()
+    
+    # Show banner (unless disabled)
+    if not args.no_banner:
+        show_banner()
+        if args.performance:
+            show_performance_banner()
+    
+    # List modules if requested
+    if args.list_modules:
+        list_modules()
+        return 0
+    
+    # Validate required arguments
+    if not args.input or not args.output:
+        console.print("[red]Error: Both --input and --output are required[/red]")
+        parser.print_help()
+        return 1
+    
+    # Validate environment
+    env_issues = validate_environment()
+    if env_issues:
+        console.print("[red]Environment Issues:[/red]")
+        for issue in env_issues:
+            console.print(f"  • {issue}")
+        return 1
+    
+    # Validate input file
+    input_path = Path(args.input)
+    if not input_path.exists():
+        console.print(f"[red]Error: Input file '{args.input}' not found[/red]")
+        return 1
+    
+    # Create output directory
+    output_dir = Path(args.output)
+    try:
+        output_dir.mkdir(parents=True, exist_ok=True)
+        console.print(f"[green]Output directory: {output_dir.absolute()}[/green]")
+    except Exception as e:
+        console.print(f"[red]Error creating output directory: {e}[/red]")
+        return 1
+    
+    try:
+        # Check and install tools if needed
+        if not args.no_install:
+            console.print("[yellow]Checking required tools...[/yellow]")
+            if not check_and_install_tools():
+                console.print("[red]Failed to install required tools[/red]")
+                return 1
+        
+        # Initialize and run enhanced pipeline
+        console.print("[bold cyan]Starting JSEye v1.0.2 High-Performance Pipeline...[/bold cyan]")
+        pipeline = JSEyePipeline(args.input, args.output, args)
+        results = pipeline.run()
+        
+        # Show enhanced summary
+        pipeline.show_summary(results)
+        
+        console.print("[bold green][+] JSEye execution completed successfully![/bold green]")
+        return 0
+        
+    except KeyboardInterrupt:
+        console.print("\n[yellow][!] Interrupted by user[/yellow]")
+        return 1
+    except Exception as e:
+        console.print(f"[red][-] Error: {e}[/red]")
+        return 1
+
+if __name__ == "__main__":
+    sys.exit(main())

jseye-1.0.2/jseye/modules/harvest.py

@@ -0,0 +1,177 @@
+"""
+URL Harvesting Module - Parallel execution for maximum speed
+"""
+
+import asyncio
+import subprocess
+from pathlib import Path
+from typing import List, Set, Dict
+from rich.console import Console
+from concurrent.futures import ThreadPoolExecutor
+
+from ..utils.logger import log_progress
+from ..utils.hashing import DeduplicatorHash
+
+console = Console()
+
+class URLHarvester:
+    """Harvest URLs from multiple sources in parallel"""
+    
+    def __init__(self, output_dir: Path):
+        self.output_dir = output_dir
+        self.deduplicator = DeduplicatorHash()
+        self.timeout = 120  # 2 minutes per tool
+        
+    async def run_tool_async(self, tool_name: str, domain: str) -> List[str]:
+        """Run a single tool asynchronously"""
+        try:
+            if tool_name == "gau":
+                cmd = ["gau", domain]
+            elif tool_name == "waybackurls":
+                cmd = ["waybackurls", domain]
+            elif tool_name == "hakrawler":
+                cmd = ["hakrawler", "-url", domain, "-depth", "2", "-plain"]
+            elif tool_name == "katana":
+                cmd = ["katana", "-u", domain, "-depth", "2", "-silent"]
+            elif tool_name == "subjs":
+                cmd = ["subjs", "-d", domain]
+            else:
+                return []
+            
+            # Run tool with timeout
+            process = await asyncio.create_subprocess_exec(
+                *cmd,
+                stdout=asyncio.subprocess.PIPE,
+                stderr=asyncio.subprocess.PIPE
+            )
+            
+            try:
+                stdout, stderr = await asyncio.wait_for(
+                    process.communicate(), 
+                    timeout=self.timeout
+                )
+                
+                if process.returncode == 0 and stdout:
+                    urls = [url.strip() for url in stdout.decode('utf-8', errors='ignore').split('\n') if url.strip()]
+                    log_progress(f"{tool_name}: found {len(urls)} URLs for {domain}")
+                    return urls
+                else:
+                    log_progress(f"{tool_name}: no results for {domain}")
+                    return []
+                    
+            except asyncio.TimeoutError:
+                process.kill()
+                log_progress(f"{tool_name}: timeout for {domain}")
+                return []
+                
+        except Exception as e:
+            log_progress(f"{tool_name}: error for {domain} - {e}")
+            return []
+    
+    async def harvest_domain_parallel(self, domain: str) -> List[str]:
+        """Harvest URLs from a single domain using all tools in parallel"""
+        tools = ["gau", "waybackurls", "hakrawler", "katana", "subjs"]
+        
+        # Run all tools in parallel
+        tasks = [self.run_tool_async(tool, domain) for tool in tools]
+        results = await asyncio.gather(*tasks, return_exceptions=True)
+        
+        # Collect all URLs
+        all_urls = []
+        for i, result in enumerate(results):
+            if isinstance(result, list):
+                all_urls.extend(result)
+            else:
+                log_progress(f"{tools[i]}: exception for {domain} - {result}")
+        
+        return all_urls
+    
+    async def harvest_all_domains_parallel(self, domains: List[str]) -> List[str]:
+        """Harvest URLs from all domains in parallel"""
+        log_progress(f"Harvesting URLs from {len(domains)} domains in parallel")
+        
+        # Limit concurrent domains to avoid overwhelming the system
+        semaphore = asyncio.Semaphore(3)  # Max 3 domains at once
+        
+        async def harvest_with_semaphore(domain):
+            async with semaphore:
+                return await self.harvest_domain_parallel(domain)
+        
+        # Run domain harvesting in parallel
+        tasks = [harvest_with_semaphore(domain) for domain in domains]
+        domain_results = await asyncio.gather(*tasks, return_exceptions=True)
+        
+        # Collect all URLs
+        all_urls = []
+        for i, result in enumerate(domain_results):
+            if isinstance(result, list):
+                all_urls.extend(result)
+                log_progress(f"Domain {domains[i]}: {len(result)} URLs")
+            else:
+                log_progress(f"Domain {domains[i]}: failed - {result}")
+        
+        return all_urls
+    
+    def harvest_urls(self, domains: List[str]) -> List[str]:
+        """
+        Harvest URLs from all sources in parallel (main entry point)
+        
+        Args:
+            domains: List of domains to harvest
+            
+        Returns:
+            Deduplicated list of URLs
+        """
+        log_progress(">> Starting PARALLEL URL harvesting (gau, waybackurls, hakrawler, katana, subjs)")
+        
+        # Run async harvesting
+        try:
+            all_urls = asyncio.run(self.harvest_all_domains_parallel(domains))
+        except Exception as e:
+            log_progress(f"Parallel harvesting failed, falling back to sequential: {e}")
+            return self.harvest_urls_sequential(domains)
+        
+        # Deduplicate URLs
+        unique_urls = self.deduplicator.deduplicate_list(all_urls)
+        
+        log_progress(f">> PARALLEL harvest complete: {len(unique_urls)} unique URLs from {len(all_urls)} total")
+        
+        # Save raw URLs
+        urls_file = self.output_dir / "harvested_urls.txt"
+        with open(urls_file, 'w') as f:
+            for url in unique_urls:
+                f.write(f"{url}\n")
+        
+        return unique_urls
+    
+    def harvest_urls_sequential(self, domains: List[str]) -> List[str]:
+        """Fallback sequential harvesting if parallel fails"""
+        log_progress("Running sequential URL harvesting (fallback)")
+        
+        all_urls = []
+        tools = [
+            ("gau", lambda d: ["gau", d]),
+            ("waybackurls", lambda d: ["waybackurls", d]),
+            ("hakrawler", lambda d: ["hakrawler", "-url", d, "-depth", "2", "-plain"]),
+            ("katana", lambda d: ["katana", "-u", d, "-depth", "2", "-silent"]),
+            ("subjs", lambda d: ["subjs", "-d", d])
+        ]
+        
+        for domain in domains:
+            for tool_name, cmd_func in tools:
+                try:
+                    result = subprocess.run(
+                        cmd_func(domain),
+                        capture_output=True,
+                        text=True,
+                        timeout=self.timeout
+                    )
+                    
+                    if result.returncode == 0 and result.stdout:
+                        urls = [url.strip() for url in result.stdout.split('\n') if url.strip()]
+                        all_urls.extend(urls)
+                        
+                except Exception as e:
+                    log_progress(f"{tool_name} failed for {domain}: {e}")
+        
+        return self.deduplicator.deduplicate_list(all_urls)