ShipReady scans for the vulnerabilities that actually get exploited. Here's everything we check, why it matters, and how we keep your code safe.
SQL injection occurs when untrusted data is sent to a database interpreter as part of a query. Attackers can use this to read, modify, or delete data—or even take over your database server.
// Vulnerable code
const query = `SELECT * FROM users WHERE id = ${userId}`
db.execute(query)

// Secure code
const query = 'SELECT * FROM users WHERE id = ?'
db.execute(query, [userId])
In 2024, a major e-commerce platform lost 40 million customer records due to a single SQL injection vulnerability in their search feature.
XSS attacks inject malicious scripts into web pages viewed by other users. This can steal session cookies, redirect users to malicious sites, or perform actions on behalf of victims.
// Vulnerable code
element.innerHTML = userInput

// Secure code
element.textContent = userInput // Or use a framework that auto-escapes
XSS vulnerabilities have been found in major platforms including Twitter, Facebook, and countless web applications, often leading to account takeovers.
Authentication bypass vulnerabilities allow attackers to access protected resources without valid credentials. This includes broken authentication, session management flaws, and improper access controls.
// Vulnerable code
if (req.query.admin === 'true') {
  grantAdminAccess()
}

// Secure code
if (await verifyAdminRole(session.userId)) {
  grantAdminAccess()
}
Authentication bypasses have led to breaches at major companies, exposing millions of user accounts and sensitive data.
Hardcoded secrets like API keys, passwords, and tokens in source code can be easily discovered by attackers who gain access to your codebase or public repositories.
// Vulnerable code
const API_KEY = 'sk_live_abc123secret456'
const DB_PASSWORD = 'supersecret'

// Secure code
const API_KEY = process.env.API_KEY
const DB_PASSWORD = process.env.DB_PASSWORD
GitHub reports that millions of secrets are leaked in public repositories every year, leading to unauthorized access and data breaches.
Path traversal attacks allow attackers to access files outside the intended directory by manipulating file paths with sequences like "../". This can expose sensitive configuration files, source code, or system files.
// Vulnerable code
const file = req.query.filename
fs.readFile(`./uploads/${file}`)

// Secure code
const uploadsDir = path.resolve('./uploads')
// basename() drops any directory component the caller supplied
const file = path.basename(req.query.filename)
const safePath = path.join(uploadsDir, file)
// Compare against the resolved absolute directory: path.join normalises away
// a leading './', so a literal startsWith('./uploads') check would never match
if (!safePath.startsWith(uploadsDir + path.sep)) throw new Error('Invalid path')
fs.readFile(safePath)
Path traversal vulnerabilities have been used to steal source code, configuration files with credentials, and sensitive business data.
Command injection occurs when user input is passed to system shell commands. Attackers can execute arbitrary commands on your server, potentially taking complete control.
// Vulnerable code
exec(`convert ${userFile} output.png`)

// Secure code
execFile('convert', [userFile, 'output.png'])
Command injection vulnerabilities have led to complete server compromises, cryptocurrency mining attacks, and ransomware deployments.
Using weak or broken cryptographic algorithms, improper key management, or incorrect implementation can render encryption useless, exposing sensitive data.
// Vulnerable code
const hash = crypto.createHash('md5')
const cipher = crypto.createCipher('des', key)

// Secure code
const hash = crypto.createHash('sha256')
// For stored passwords use a slow, salted KDF (scrypt, bcrypt, Argon2) rather than a plain hash
// Authenticated encryption; use a fresh random IV for every message
const cipher = crypto.createCipheriv('aes-256-gcm', key, iv)
Weak cryptography has led to password database breaches where millions of passwords were cracked within hours.
SSRF vulnerabilities allow attackers to make requests from your server to internal resources, potentially accessing internal services, cloud metadata APIs, or other protected systems.
// Vulnerable code
const url = req.query.url
const response = await fetch(url)

// Secure code
const url = new URL(req.query.url)
if (!ALLOWED_HOSTS.includes(url.hostname)) {
  throw new Error('Host not allowed')
}
// Also restrict url.protocol to https: and note that fetch follows redirects by
// default, so pass { redirect: 'manual' } or re-check the host after each redirect
const response = await fetch(url)
SSRF attacks have been used to steal cloud credentials from metadata APIs, access internal admin panels, and pivot through corporate networks.
Connect your GitHub repository and get your first security scan in minutes.
Start Scanning Free: no credit card required. Free tier includes 3 scans per month.