Use burp's JS static code analysis on code from your local system. Here's generally how the process works:
Go static file server is started to host the specified directory
Add file server URL to burp's scope
Walk the directory
For every file make a request to the file server
Send the raw request and response to burp's passive scanner through burpbuddy
Issues can be seen in burp
more here..........https://github.com/tomsteele/burpstaticscan
Go static file server is started to host the specified directory
Add file server URL to burp's scope
Walk the directory
For every file make a request to the file server
Send the raw request and response to burp's passive scanner through burpbuddy
Issues can be seen in burp
more here..........https://github.com/tomsteele/burpstaticscan