50+ security rules to keep your JavaScript repositories secure.

Test your JavaScript code for 60+ security rules.

Reshift detects security vulnerabilities from SANS 25 and OWASP Top 10

The full list of security issues

Security coverage and accuracy are a priority for us. Reshift covers 62 security rules. The following are all of the security categories the JavaScript scanner detects in your custom code.

1. Command Injection
2. SQL Injection
3. NoSQL Injection
4. Insecure Code Execution
5. Insecure Access to File System
6. ZipSlip
7. Stored Cross-Site Scripting
8. Reflected Cross-Site Scripting
9. DOM-Based Cross-Site Scripting
10. Potential Backdoor
11. Prototype Pollution
12. Insecure Deserialization
13. XML External Entity Injection
14. XPath Injection
15. Unvalidated Dynamic Method Call
16. XML Entity Expansion
17. Insecure File Upload
18. Insecure Comparison Check
19. Insecure Regex Expression
20. Insecure Input Validation

21. Insecure Encoding
22. Insecure Input Sanitization
23. Insecure Format String
24. Sensitive Data Exposure
25. Sensitive Data Leakage
26. Insecure Logging
27. Insecure Cryptographic Algorithm
28. Insecure Random Number Generation
29. CORS Misconfiguration
30. Cross-Site Request Forgery
31. Missing X-Frame Options
32. Password in Configuration File
33. Client-side URL Redirection
34. Server-side URL Redirection
35. Host Header Poisoning
36. Missing Rate Limit
37. Security Control Bypass
38. Parameter Tampering
39. Denial of Service
40. Insecure Hashing Algorithm
41. Server-Side Request Forgery

For the complete list of security rules for each language, visit our documentation here.


A lightweight JavaScript code security tool built for developers to code securely, fix quickly, and deploy fast.