reconftw

Too many false positives when checking JS files

Open daffainfo opened this issue 2 years ago • 2 comments

Description

There are a lot of false positives when reconftw is checking JS files

image

Solution

I think we cannot depend on public nuclei templates for the JS checking

daffainfo avatar Sep 17 '22 02:09 daffainfo

Hey man! Thanks for the feedback. Honestly I think nuclei's templates with exposure and token tags are the largest public repo out there of JS secrets discovery: https://github.com/six2dez/reconftw/blob/5178addf189555bd9a2b5fee98d9717db33a3fc3/reconftw.sh#L1430

What I can do to improve it is move the nuclei arguments from JS secrets to the config variables and add a severity flag to check only for medium or above, as it works now for web and subdomain scans: https://github.com/six2dez/reconftw/blob/5178addf189555bd9a2b5fee98d9717db33a3fc3/reconftw.cfg#L93

Does this sound good to you?

six2dez avatar Sep 17 '22 09:09 six2dez

Hey @daffainfo, I don't consider them false positives, because Nuclei made a request to the above endpoints and it gave a 200 OK status code, hence they were considered valid. And that's how it should work.

When using automated tools like Gospider (which was used to find them) & Nuclei, you are bound to get results like this.

sidxparab avatar Sep 17 '22 13:09 sidxparab

Fixed https://github.com/six2dez/reconftw/commit/af0c8b3daac02ce3b46e538d81dde2bbb70e0573

six2dez avatar Oct 02 '22 21:10 six2dez
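
Added example, not part of the thread and not reconftw's code: a post-filter for nuclei JSONL output that applies the "medium or above" severity cut-off proposed in the discussion, de-duplicates repeated matches, and counts what was dropped per template so noisy templates stand out. The sample findings and template IDs are constructed; the field names (`template-id`, `info.severity`, `matched-at`, `extracted-results`) are those of nuclei's JSON output.

```python
import json
from collections import Counter

# Severity order of the info.severity field in nuclei results.
SEVERITY_RANK = {"unknown": 0, "info": 1, "low": 2, "medium": 3, "high": 4, "critical": 5}

# Constructed sample of nuclei JSONL output from a JS-file scan (not real findings).
SAMPLE_JSONL = """
{"template-id": "constructed-generic-token", "info": {"severity": "info"}, "matched-at": "https://app.example.test/static/main.js", "extracted-results": ["token=abc"]}
{"template-id": "constructed-generic-token", "info": {"severity": "info"}, "matched-at": "https://app.example.test/static/main.js", "extracted-results": ["token=abc"]}
{"template-id": "constructed-generic-token", "info": {"severity": "info"}, "matched-at": "https://app.example.test/static/vendor.js", "extracted-results": ["token=def"]}
{"template-id": "constructed-cloud-key", "info": {"severity": "high"}, "matched-at": "https://app.example.test/static/main.js", "extracted-results": ["KEY-CONSTRUCTED-0001"]}
{"template-id": "constructed-api-key", "info": {"severity": "medium"}, "matched-at": "https://app.example.test/static/app.js", "extracted-results": ["api-constructed-0002"]}
this line is not JSON and must be skipped
"""


def triage(jsonl_text, min_severity="medium"):
    """Return (kept findings, Counter of dropped findings per template-id)."""
    threshold = SEVERITY_RANK[min_severity]
    kept, seen, dropped = [], set(), Counter()
    for line in jsonl_text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            finding = json.loads(line)
        except json.JSONDecodeError:
            continue  # banner text or a partially written line
        if not isinstance(finding, dict):
            continue
        template = finding.get("template-id", "unknown-template")
        severity = str((finding.get("info") or {}).get("severity", "unknown")).lower()
        # The same template matching the same URL with the same extract is one finding.
        key = (template, finding.get("matched-at"), tuple(finding.get("extracted-results") or ()))
        if key in seen:
            continue
        seen.add(key)
        if SEVERITY_RANK.get(severity, 0) >= threshold:
            kept.append(finding)
        else:
            dropped[template] += 1
    return kept, dropped


if __name__ == "__main__":
    kept, dropped = triage(SAMPLE_JSONL)
    for f in kept:
        print(f["info"]["severity"], f["template-id"], f["matched-at"])
    print("dropped below threshold:", dict(dropped))
```

The per-template drop count shows which templates produce most of the low-severity volume, which is the information needed to decide whether to exclude a template or keep reviewing its hits by hand.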