The Endpoints Extractor by YogSec is a Bash script designed to extract URLs and API endpoints from the HTML, JavaScript, and JSON content of web pages.
- Scan a single URL or a list of URLs.
- Extract URLs from HTML, JavaScript, and JSON content.
- Save the results to a file for further analysis.
- Simple and user-friendly interface.
- Bash: Ensure you are running the script in a Bash shell environment.
- cURL: The script uses
curlto fetch web page content. - grep: Used to extract URLs from the content.
- sort: Ensures the URLs are unique.
./find_urls_endpoints.sh -h./find_urls_endpoints.sh -u <URL>Example:
./find_urls_endpoints.sh -u https://example.com./find_urls_endpoints.sh -l <FILE>Example:
./find_urls_endpoints.sh -l urls.txt./find_urls_endpoints.sh -u <URL> -s <OUTPUT_FILE>Example:
./find_urls_endpoints.sh -u https://example.com -s results.txtScan a list of URLs and save results to a file:
./find_urls_endpoints.sh -l urls.txt -s endpoints.txt-u <URL>: Specify a single URL to scan.-l <FILE>: Specify a file containing a list of URLs.-s <FILE>: Save the output to the specified file.-h: Display the help message.
For the URL https://example.com, the script may output:
https://example.com/api/v1/users
https://example.com/assets/js/script.js
https://cdn.example.com/library.js
- Error: Either -u or -l must be specified: Ensure you provide a URL with
-uor a file with-l. - Error: File does not exist: Verify the file path is correct.
- Empty Output: Ensure the target URL or file contains valid HTML, JS, or JSON content with endpoints.
