Jsmon.sh Blogs

Ultimate AppSecurity Solution for Javascript

Featured articles

S3 Bucket Takeover via JavaScript File – Bug Bounty Writeup

S3 Bucket Takeover via JavaScript File – Bug Bounty Writeup

What is NPM Dependency Confusion? How Organisation Namespace Issues Lead to RCE (2025 Guide)

What is NPM Dependency Confusion? How Organisation Namespace Issues Lead to RCE (2025 Guide)

What is Second Order Domain Takeover and how to find it?

What is Second Order Domain Takeover and how to find it?

Uncover Hidden URLs with Archived JavaScript Files: A Bug Bounty Recon Trick

Uncover Hidden URLs with Archived JavaScript Files: A Bug Bounty Recon Trick

Extract Hidden JS URLs using Katana

Extract Hidden JS URLs using Katana

100 Regex Patterns To Hunt Secrets Inside Javascript

100 Regex Patterns To Hunt Secrets Inside Javascript

JS Contextual API Hacking Checklist

JS Contextual API Hacking Checklist

Javascript Hacking on CLI for Pentesters (jsmon-cli)

Javascript Hacking on CLI for Pentesters (jsmon-cli)

Exploiting Mapbox API Tokens: Unauthorized Usage & Billing Abuse

Exploiting Mapbox API Tokens: Unauthorized Usage & Billing Abuse

A Burpsuite Extension For JS Reconnaissance - Jsmon

A Burpsuite Extension For JS Reconnaissance - Jsmon

How to monitor JS URLs with Jsmon.sh?

How to monitor JS URLs with Jsmon.sh?

S3 Bucket Takeover in H1702 LHE Worth $3000 Via Jsmon.sh

S3 Bucket Takeover in H1702 LHE Worth $3000 Via Jsmon.sh

05

Jul

S3 Bucket Takeover via JavaScript File – Bug Bounty Writeup

2 min read

07

Jun

What is NPM Dependency Confusion? How Organisation Namespace Issues Lead to RCE (2025 Guide)

3 min read

17

May

What is Second Order Domain Takeover and how to find it?

3 min read

15

May

Uncover Hidden URLs with Archived JavaScript Files: A Bug Bounty Recon Trick

2 min read

14

May

Extract Hidden JS URLs using Katana

2 min read