Abstract

JavaScript files contain an increasing amount of information about server endpoints. Existing tools use regex search patterns to extract this information statically, an approach that has several limitations. With static code analysis, we can get more accurate results with fewer false positives. This talk will cover how to use static code analysis to achieve this goal.

Endpoint Finder is a tool that extracts endpoint URLs from JavaScript files. It also provides information about the method and the parameters of each endpoint. The tool is available as a plugin for Burp and ZAP.

Videos