Posts

Showing posts from May, 2026

sourcemap-hunter

Introduction

In web security, JavaScript files are a gold mine that security researchers use to understand how an app works, but there is always one issue: minified code. Developers want their code to run as fast as possible, so they remove spaces and rename long variable names to a single character. That makes our task harder, because it's easy to get lost and feel overwhelmed pretty fast.

There is something called source maps, and their job is to help developers with debugging: if something goes wrong, a source map lets developers match what went wrong in their minified JavaScript code with the original code. Luckily, we can use that. If the JavaScript file is called `app.js`, its source map is usually located at `app.js.map`, and if the developers forgot to remove these source maps from production, we as security researchers can reverse them to retrieve the unminified, original JavaScript code, which makes our task way easier. But there are 3 more...
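The exposure described above can be caught on the developer's side before deployment. The following is an added example, not code from the original post or from the sourcemap-hunter tool: the function names and the sample build contents are constructed for illustration, and it goes slightly beyond the post by also flagging maps inlined as `data:` URLs.

```javascript
// Added example: audit a build output for source maps left in place before deploy.
// Assumption: the build is passed as { path: fileContents }; sampleDist is constructed.
const SOURCE_MAP_COMMENT = /\/[\/*][#@]\s*sourceMappingURL=(\S+)/;

function inspectMap(text) {
  // Source Map v3 is JSON; `sourcesContent` carries the original files verbatim.
  try {
    const map = JSON.parse(text);
    const contents = Array.isArray(map.sourcesContent) ? map.sourcesContent : [];
    return {
      sources: Array.isArray(map.sources) ? map.sources : [],
      embedsOriginalCode: contents.some((c) => typeof c === "string" && c.length > 0),
    };
  } catch {
    return { sources: [], embedsOriginalCode: false, unparsable: true };
  }
}

function auditBuild(files) {
  const findings = [];
  for (const [path, text] of Object.entries(files)) {
    if (path.endsWith(".map")) {
      findings.push({ path, kind: "map-file", ...inspectMap(text) });
      continue;
    }
    if (!/\.(m?js|css)$/.test(path)) continue;
    const m = SOURCE_MAP_COMMENT.exec(text);
    if (!m) continue;
    if (m[1].startsWith("data:")) {
      // Inline map: the whole map, possibly with original code, ships inside the bundle.
      const json = Buffer.from(m[1].split("base64,")[1] || "", "base64").toString("utf8");
      findings.push({ path, kind: "inline-map", ...inspectMap(json) });
    } else {
      findings.push({ path, kind: "map-reference", target: m[1] });
    }
  }
  return findings;
}

// Constructed sample build output (not real application code).
const inlineMap = Buffer.from(JSON.stringify({ version: 3, sources: ["src/util.js"], sourcesContent: ["export const add = (a, b) => a + b;"], mappings: "AAAA" })).toString("base64");
const sampleDist = {
  "app.js": "const a=1;\n//# sourceMappingURL=app.js.map\n",
  "app.js.map": JSON.stringify({ version: 3, file: "app.js", sources: ["src/app.js"], sourcesContent: ["const answer = 1;\n"], mappings: "AAAA" }),
  "util.js": "const b=(x,y)=>x+y;\n//# sourceMappingURL=data:application/json;base64," + inlineMap + "\n",
  "vendor.js": "const c=2;\n",
};

console.log(auditBuild(sampleDist));
```

A non-empty result from `auditBuild` is a reason to fail the release step, or to confirm that the maps are only served to authenticated developers.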