Analysis

Explore just some of the ways that jswzl helps you understand applications, and find bugs.
01
- DESCRIptors
fingerprint

Extract Descriptors from code

The code is annotated with Descriptors, describing the constituent parts of the code relevant to testers.
1
api/users/1
2
3
/scripts/main.js
4
5
rest/v1/admin/info
6
 
String Expressions
Find paths, secrets, GraphQL queries, and other pertinent text content.
1
const httpOptions = {
2
  method: 'POST',
3
  headers: {
4
   'api-key': 'secret'
5
  }
6
}
Object Schemas
Find objects that match specific schemas, for things like HTTP options, route definitions, and other objects.
1
const resp = await fetch(
2
    url,
3
    httpOptions
4
);
5
  
6
  
Call Patterns
Find method calls to things like HTTP/Ajax requests and other relevant sinks.
1
localStorage.setItem("token", "....");
2
3
document.cookie = "...";
4
5
window.addEventListener("message", ...);
6
 
Client Behavior
Find client-side behavior that that influences the behavior of the application.
02
- Analysis engine
fingerprint

Advanced Analysis Engine

The analysis engine in jswzl combines a number of multi-pass Abstract Syntax Tree walkers and interpreter, creating a semantic understanding of the source code.

Reference Resolver
The static analysis engine will attempt to resolve all references where possible, ensuring that it utilizes the most complete semantic understanding of the code.
String Resolver
A number of expression types are then resolved into their complete string representations for the extractors to utilize.
Extractors
Extractors are run recursively on the tree to enrich it, and finally extracting all relevant expressions.
Filters
Filters are applied to reduce noise, and other results that do not provide value for analysis and testing purposes.
03
- Extractors
fingerprint

Extractor highlights

Some of the many built-in extractors in jswzl. Note that this list is not complete.

String Expressions
Secrets
Amazon Web Services Keys
Google Cloud Platform Keys
Key Name
Base64 encoded
JWT
GUID
Paths
Path
Query String
API Path
API Version Path
GraphQL
Supports most types of GraphQL, based on the Hot Chocolate parser.
Extensions
Detect paths with a large list of common extensions.
Call Patterns
HTTP Call
  • fetch
  • Generic HTTP call
jQuery
  • Ajax call
Angular
Controller
Module
Service
Factory
Directive
Constant
Component
When Route
Client Behavior
Document
  • cookie
  • Generic HTTP call
Storage
  • Local Storage
  • Session Storage
Events
addEventListener
onMessage
postMessage
Object Schemas
HTTP Options
  • Fetch HTTP Options
  • Generic HTTP Options
jQuery
  • Ajax HTTP Options
Features
FeaturesPre-analysisOptimizationAnalysisResultsBurp Suite
Help
InstallationRelease NotesFAQ
Company
Blog
jswzl aps
This is some text inside of a div block.