1. Filter Proxy HTTP history to only show files with the js extension:2. Within Burp Suite's Proxy HTTP history, click the Filter bar at the top of the GUI.Burp Suite’s proxy history3. Mark the resulting list of JavaScript files and Copy URLs4. Save the URLs to a text file `js.txt`5. Use `wget -i js.txt` to download them6. Alternatively, you can use the developer tools of your browser, to download files one by one:
monitor(FUNCTION);// If Function Sends Json Objects function hookmonitor(FUNCTION);FUNCTION=function (ar ) {console.log("FUCNCTION called with arguments: "+JSON.stringify(ar));}// monitor Getter and Settermonitor(location.__lookupGetter__("hash"));monitor(location.__lookupSetter__("hash"));debug(location.__lookupGetter__("hash"));debug(location.__lookupSetter__("hash"));// Find Function$("").datepicker();
Break Points on modifications
- Write click on the tag or attribute
- select Break on
- Choose between options (attripute modification or asubtree modification)