JavaScript-Sourced URLs
Extracts API endpoints and routes embedded in JavaScript files that are invisible to standard crawlers.
RECON
Free account required
URL Finder
Discover hidden endpoints, admin paths, and API routes from any web application.
Crawls a target URL to extract all linked endpoints, JavaScript-sourced routes, sitemap entries, and robots.txt exclusions. Identifies hidden API routes, admin panels, and unlinked pages that scanning tools miss.
What it detects
JavaScript-Sourced URLs
Admin and Sensitive Paths
API Route Patterns
Robots.txt Disallowed Paths
Detection capabilities
What URL Finder finds
Admin and Sensitive Paths
Identifies paths matching admin panel patterns (/admin, /dashboard, /management) and backup files.
API Route Patterns
Discovers REST and GraphQL API routes from JS bundles, source maps, and inline scripts.
Robots.txt Disallowed Paths
Enumerates paths explicitly excluded from crawlers — often the most sensitive areas of the application.
Step-by-step guide
How to use URL Finder
Enter target URL
Provide the base URL of the web application. The tool crawls same-origin links automatically.
Set crawl depth
Choose shallow (index only), medium (2 levels), or deep (full crawl with JS extraction).
Review endpoint map
Filter results by path pattern, response code, or content type to find the most valuable targets.
Keep going
Related tools
RECON
Subdomain Finder
Enumerate subdomains via DNS records, certificate transparency logs, and brute-force.
Use tool →
RECONANALYSIS
JS Recon
Extract API keys, internal endpoints, and auth tokens from JavaScript files.
Use tool →
RECONANALYSIS
URL Analysis
Find open redirects, SSRF indicators, and injection points in any URL.
Use tool →
RaSEC Platform
Run URL Finder as part of an overnight hunt.
All 8 tools in coordinated sequence
Deterministic reproduction
Copy-paste PoC reports
No credit cardCancel anytimeFree forever tier