During bug bounty hunting and penetration testing, one of the most time-consuming tasks is manually searching through JavaScript files to uncover hidden API endpoints, internal routes, and query parameters.

That's where my open-source Chrome extension — Extract — comes in handy. Built with real-world workflows in mind, this tool automates the discovery of endpoints directly from inline scripts and external JS files.

What is Extract?

Extract is a lightweight Chrome extension designed to scan any webpage and extract:

• Hidden API endpoints
• JavaScript paths and routes
• Query parameters (e.g., /api/users?id=123)
• Source information (where each URL was found)

Whether you're doing reconnaissance or analyzing third-party applications, Extract helps you find what matters — fast.

Why You Need Extract

As a bug hunter or pentester, time is precious. Here's how Extract saves you time and effort:

• ✅ Comprehensive Scanning: Automatically scans all JS files (inline + external)
• ✅ Clean Results: Removes duplicate URLs and organizes endpoints
• ✅ Multiple Export Formats: Export results as TXT, CSV, or JSON
• ✅ Live Filtering: Filter results in real-time using keywords
• ✅ Source Tracking: Toggle source info (shows which file the endpoint came from)
• ✅ Lightweight: Doesn't slow down your browser

Installation Guide

Follow these simple steps to install the extension:

1. Clone the repository:

git clone https://github.com/L0C4LH057/Extract.git

2. Navigate to the folder:

cd Extract

3. In Chrome, go to chrome://extensions
4. Enable "Developer mode" (toggle in top-right corner)
5. Click "Load unpacked" and select the Extract folder
6. Pin the extension to your toolbar for easy access

How to Use Extract

Once installed, using Extract is straightforward:

1. Open any target website (e.g., a bug bounty program)
2. Click the Extract icon in the Chrome toolbar
3. Click "Extract Endpoints"
4. Wait a few seconds while it scans the page
5. View the list of extracted URLs
6. Filter results using the search box
7. Export the results by clicking your preferred format (TXT, CSV, JSON)

Advanced Features

Extract includes several power-user features to enhance your workflow:

Custom Filters

Use the search box to filter endpoints by:

• Specific domains (api.target.com)
• Endpoint patterns (/v1/users)
• File extensions (.json, .php)

Export Options

Choose from three export formats:

• TXT: Simple list for quick reference
• CSV: For spreadsheet analysis
• JSON: For automated processing

Source Tracking

Enable "Show Sources" to see which JavaScript file each endpoint came from, helping you:

• Prioritize important files
• Understand application structure
• Identify third-party dependencies

Practical Use Cases

Extract shines in these scenarios:

Bug Bounty Recon

Quickly map out an application's API surface during initial reconnaissance to identify high-value targets.

Penetration Testing

Discover hidden endpoints that might contain vulnerabilities like IDOR, broken auth, or information disclosure.

Security Research

Analyze third-party scripts and track what data they're sending where.

Get Extract

Ready to boost your security workflow?

Final Thoughts

Extract is built with efficiency in mind. Whether you're mapping out an application's attack surface or preparing for a targeted assessment, this tool streamlines the process and gets you straight into the action.

If you're serious about hacking and automation, make sure to add Extract to your toolkit.

🔍 Happy Hunting,
Bashir Kabir Zarewa