Skip to main content
Glama
telmon95

VulneraMCP

by telmon95
OverviewInspectSchemaRelated ServersScoreDiscussions
TypeScript
Hybrid

js.find_endpoints

Extract API endpoints, URLs, and paths from JavaScript source code to identify potential attack surfaces for security testing.

Instructions

Extract API endpoints, URLs, and paths from JavaScript code

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
sourceYesJavaScript source code

Implementation Reference

  • src/tools/js.ts:91-128 (handler)
    The main handler function for the 'js.find_endpoints' tool. It extracts full URLs, relative paths starting with '/', and API endpoints using regex patterns from the JavaScript source code, deduplicates the results, and returns a structured ToolResult.
    async ({ source }: any): Promise<ToolResult> => { try { // Find full URLs const urlRegex = /\bhttps?:\/\/[\w\-\.:%]+[\w\-\/_\.\?\=\%\&\#]*/g; const urls = Array.from(new Set(source.match(urlRegex) || [])); // Find relative paths const pathRegex = /["'`](\/[-a-zA-Z0-9_@:\/\.]+)["'`]/g; const paths: string[] = []; let match: RegExpExecArray | null; while ((match = pathRegex.exec(source)) !== null) { paths.push(match[1]); } // Find API endpoints (common patterns) const apiRegex = /(?:api|endpoint|url|path)[\s:=]+["'`]([^"'`]+)["'`]/gi; const apiEndpoints: string[] = []; while ((match = apiRegex.exec(source)) !== null) { apiEndpoints.push(match[1]); } const uniquePaths = Array.from(new Set(paths)); const uniqueApis = Array.from(new Set(apiEndpoints)); return formatToolResult(true, { urls, paths: uniquePaths, apiEndpoints: uniqueApis, summary: { totalUrls: urls.length, totalPaths: uniquePaths.length, totalApis: uniqueApis.length, }, }); } catch (error: any) { return formatToolResult(false, null, error.message); } }
  • src/tools/js.ts:82-90 (schema)
    Input schema definition for the 'js.find_endpoints' tool, requiring a 'source' string containing JavaScript code.
    description: 'Extract API endpoints, URLs, and paths from JavaScript code', inputSchema: { type: 'object', properties: { source: { type: 'string', description: 'JavaScript source code' }, }, required: ['source'], }, },
  • src/tools/js.ts:80-129 (registration)
    The registration of the 'js.find_endpoints' tool using server.tool() inside the registerJsTools function.
    'js.find_endpoints', { description: 'Extract API endpoints, URLs, and paths from JavaScript code', inputSchema: { type: 'object', properties: { source: { type: 'string', description: 'JavaScript source code' }, }, required: ['source'], }, }, async ({ source }: any): Promise<ToolResult> => { try { // Find full URLs const urlRegex = /\bhttps?:\/\/[\w\-\.:%]+[\w\-\/_\.\?\=\%\&\#]*/g; const urls = Array.from(new Set(source.match(urlRegex) || [])); // Find relative paths const pathRegex = /["'`](\/[-a-zA-Z0-9_@:\/\.]+)["'`]/g; const paths: string[] = []; let match: RegExpExecArray | null; while ((match = pathRegex.exec(source)) !== null) { paths.push(match[1]); } // Find API endpoints (common patterns) const apiRegex = /(?:api|endpoint|url|path)[\s:=]+["'`]([^"'`]+)["'`]/gi; const apiEndpoints: string[] = []; while ((match = apiRegex.exec(source)) !== null) { apiEndpoints.push(match[1]); } const uniquePaths = Array.from(new Set(paths)); const uniqueApis = Array.from(new Set(apiEndpoints)); return formatToolResult(true, { urls, paths: uniquePaths, apiEndpoints: uniqueApis, summary: { totalUrls: urls.length, totalPaths: uniquePaths.length, totalApis: uniqueApis.length, }, }); } catch (error: any) { return formatToolResult(false, null, error.message); } } );

This server cannot be installed

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/telmon95/VulneraMCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server