1 - Finding Hidden Endpoints via Regex:
grep -Eo "[\"'](/[^\"']+)[\"']" *.js | sort -u
This lists every unique quoted string that starts with / (a path reference) found in the JavaScript files.
2 - Detecting GET Requests and Other HTTP Methods:
fetch("/api/v1/data")
axios.get("/user/profile")
However, POST, PUT, and DELETE requests may not be as obvious. Look for fetch() and axios methods with different HTTP verbs:
fetch("/api/v1/update", { method: "POST" })
axios.post("/user/update", { data: userData })
Using regex:
grep -Eo 'fetch\([^)]*\)|axios\.[a-z]+' *.js | sort -u
3 - One of the simplest but most effective techniques for finding hidden API calls in JavaScript files is using Ctrl + F and searching for common patterns such as:
Single or double quotes (' or ")
API-related keywords like endpoint, url, request, fetch, ajax, GET, POST, XMLHttpRequest()
Strings that contain /api/, /v1/, /data/, /secure/
4 - Looking for Encoded or Obfuscated Endpoints:
Some JavaScript files encode API endpoints using Base64, hex, or other encoding techniques. Example:
const endpoint = atob('L2FwaS91c2Vycy8='); // Decodes to `/api/users/`
fetch(endpoint)
.then(response => response.json())
.then(data => console.log(data));
In such cases, decoding these strings manually can reveal hidden endpoints.
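The checks from sections 2 and 4 combined into one pass, useful for inventorying what a bundle you ship exposes; this is an added example, not code from the original page. The name extractEndpoints, the SAMPLE input and the \x-escape handling (which goes beyond the page's Base64 case) are assumptions made here.

```javascript
// Added example. SAMPLE is constructed from the snippets on this page,
// plus one hex-escaped literal that is made up for illustration.
const SAMPLE = `
fetch("/api/v1/data")
fetch("/api/v1/update", { method: "POST" })
axios.post("/user/update", { data: userData })
const endpoint = atob('L2FwaS91c2Vycy8=');
const hidden = "\\x2fsecure\\x2fkeys";
`;

// Turn \xNN escapes inside a string literal back into characters.
const unhex = (s) =>
  s.replace(/\\x([0-9a-fA-F]{2})/g, (_, h) => String.fromCharCode(parseInt(h, 16)));

// Hypothetical helper: returns [{ method, path, via }] for every path found.
function extractEndpoints(source) {
  const found = [];
  const add = (method, path, via) => {
    if (path.startsWith("/")) found.push({ method, path, via }); // keep paths only
  };
  // fetch("...") is a GET unless the options object names another verb.
  for (const m of source.matchAll(/fetch\(\s*["']([^"']+)["']([^)]*)\)/g)) {
    const verb = /method\s*:\s*["'](\w+)["']/.exec(m[2]);
    add(verb ? verb[1].toUpperCase() : "GET", m[1], "fetch");
  }
  // axios.get / axios.post / ...: the method name is the verb.
  for (const m of source.matchAll(/axios\.([a-z]+)\(\s*["']([^"']+)["']/g)) {
    add(m[1].toUpperCase(), m[2], "axios");
  }
  // atob('...') literals: Base64-decode; the verb is unknown at this point.
  for (const m of source.matchAll(/atob\(\s*["']([A-Za-z0-9+\/=]+)["']\s*\)/g)) {
    add("?", Buffer.from(m[1], "base64").toString("utf8"), "atob");
  }
  // String literals containing \xNN escapes.
  for (const m of source.matchAll(/["']((?:\\x[0-9a-fA-F]{2}|[^"'\\\n])+)["']/g)) {
    if (m[1].includes("\\x")) add("?", unhex(m[1]), "hex");
  }
  return found;
}

for (const e of extractEndpoints(SAMPLE)) {
  console.log(`${e.method.padEnd(5)} ${e.path}  (${e.via})`);
}
```

Calls that pass a variable, such as fetch(endpoint), are not matched directly; the path is picked up where the literal is decoded.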
5 - Checking WebSocket and Event Listeners:
Sometimes, applications use WebSockets or Event Listeners to handle real-time data. Looking for .addEventListener('message') or new WebSocket() can help uncover additional endpoints that standard API calls do not cover.