web-analyzer 0.1.11

Enterprise domain security & intelligence platform — WHOIS, DNS, SEO, tech detection, subdomain takeover, API security scanning, and more
Documentation
# Feature Request: JavaScript Source Map Extractor & Decompiler

## Overview
Modern web apps (React, Svelte, Angular) compile and minify their JavaScript, making it hard to read. However, developers often accidentally deploy `.js.map` (Source Map) files to production. These files allow attackers to completely reconstruct the original, unminified source code, including comments and hardcoded internal variables.

We need a module that actively hunts for these source maps and decompiles them to feed into our `advanced_content_scanner`.

## Implementation Requirements

1. **New Module**: Create `src/source_map_extractor.rs`.
2. **Detection Logic**:
   - Crawl the target for `.js` files.
   - Look for the `//# sourceMappingURL=` comment at the bottom of the JS file.
   - If missing, blindly append `.map` to the JS URL (e.g., `app.js.map`) and check for a `200 OK`.
3. **Decompilation**:
   - Download the JSON `.map` file.
   - Parse the `sourcesContent` array which contains the raw TypeScript/JavaScript files.
4. **Secret Scanning Integration**:
   - Stream the decompiled source code directly into the existing `SECRET_PATTERNS` regex engine to hunt for hidden AWS keys, API tokens, and developer comments.

## Why is this Pro-Level?
Finding source maps is like finding the blueprints to a bank vault. Automating the extraction and secret-scanning of source maps is an advanced technique that often yields critical vulnerabilities in Bug Bounties.