NodeSecure/js-x-ray

Issues

• Try/Finally are not handled properly

  #312 opened a month ago by fraxken
  0

• EntryFilesAnalyser unable to follow Export declarations

  #298 opened 3 months ago by fraxken
  0

• Detect usage of dynamic RegExps

  #42 opened 3 years ago by fraxken
  5

• Implement a workspace to combine IA (GPT?) + JS-X-Ray

  #299 opened 8 months ago by fraxken
  0

• Roadmap (critical features/issues)

  #203 opened a year ago by fraxken
  3

• Deobfuscator doesn't properly handle FunctionDeclaration with id null

  #295 opened 8 months ago by fraxken
  0

• trace process.getBuiltinModule(id) as a new way to import in Node.js

  #278 opened 8 months ago by fraxken
  0

• EntryFilesAnalyser: detect recursion

  #290 opened 8 months ago by fraxken
  0

• One line require should not be detect as minified

  #283 opened 8 months ago by fraxken
  0

• detect system commands

  #280 opened 9 months ago by fraxken
  0

• os, http(s), dns -> exfiltration ?

  #279 opened 9 months ago by fraxken
  0

• Add deprecation warning to runASTAnalysis and runASTAnalysisOnFile

  #266 opened 9 months ago by fraxken
  1

• [AstAnalyser API] Implement analyseFileSync

  #265 opened 9 months ago by fraxken
  2

• [AstAnalyser] Add initialize and finalize callback to manipulate SourceFile

  #268 opened a year ago by fraxken
  0

• [WIP] Multiple-files / Multiple-steps analysis

  #267 opened a year ago by fraxken
  0

• Detect URL with IPs as unsafe-link

  #256 opened a year ago by fraxken
  2

• Add support for `ImportExpression`.

  #259 opened a year ago by jean-michelet
  1

• Rework SourceFile analysis strategy

  #237 opened a year ago by fraxken
  1

• Inject custom probes in AstAnalyser class

  #221 opened a year ago by fraxken
  0

• Migrate estree-ast-utils from tape to test_runner

  #225 opened a year ago by PierreDemailly
  2

• Migrate workspace sec-literal to Node.js test runner

  #233 opened a year ago by fraxken
  0

• Implement a new way to count and store occurences of Nodes

  #235 opened a year ago by fraxken
  1

• Refactor isRequire probe

  #220 opened a year ago by fraxken
  1

• Use JsSourceParser as default parser for AstAnalyser class

  #223 opened a year ago by fraxken
  2

• Refactor analysis variable to sourceFile

  #224 opened a year ago by fraxken
  1

• Consider Function('return this') as safe (but still need the Tracer to consider it as a globlal ref)

  #180 opened a year ago by fraxken
  0

• Customizable SourceParser

  #214 opened a year ago by fraxken
  0

• evaluate path.join for require?

  #178 opened a year ago by fraxken
  3

• Suspicious literal dead link

  #166 opened a year ago by PierreDemailly
  3

• fs-constants@1.0.0 index.js detected as minified

  #168 opened a year ago by fraxken
  6

• Split utils

  #208 opened a year ago by fraxken
  2

• minimatch@9.0.3 cjs/index.js detected as obfuscated code "morse"

  #170 opened a year ago by fraxken
  2

• Remove mockedFunction for Node.js test runner mock fn

  #188 opened a year ago by fraxken
  0

• wrong unsafe-import for pino-pretty@10.2.3/bin.js

  #177 opened a year ago by fraxken
  1

• Properly detect eval("require") as require

  #179 opened a year ago by fraxken
  1

• Fix badges in workspaces

  #183 opened a year ago by fraxken
  0

• Add missing Symbol.iterator on ASTDeps (TypeScript)

  #174 opened a year ago by fraxken
  0

• Migrate to an NPM workspace

  #165 opened a year ago by fraxken
  0

• SyntaxError: Illegal return statement

  #163 opened a year ago by fraxken
  0

• Add a source property to Warnings

  #159 opened a year ago by fraxken
  0

• Fix morse detection

  #144 opened 2 years ago by fraxken
  0

• parsing-error is missing from warnings list

  #129 opened 2 years ago by fraxken
  2

• HTML Comment Parsing Error

  #109 opened 2 years ago by cccs-kevin
  3

• Detect shady links

  #80 opened 2 years ago by fraxken
  1

• Short identifiers issue

  #41 opened 2 years ago by fraxken
  1

• Parsing error: depName.trim is not a function

  #59 opened 2 years ago by targos
  1

• New npmjs.com Release?

  #52 opened 2 years ago by cccs-kevin
  4

• Apply severity on warnings returned

  #37 opened 3 years ago by fraxken
  0

• Detect and throw warning for weak crypto hash algorithm

  #25 opened 3 years ago by fraxken
  5

• Add a severity property to warnings

  #26 opened 3 years ago by fraxken
  1