Traditional machine learning methods for detecting JavaScript malicious code have the problems of complex feature extraction process, extensive computation, and difficult detection due to malicious code confusion, which are not conducive to the current requirements of JavaScript malicious code detection accuracy and real-time. This paper proposes a bi-directional long and short-time neural network (BiLSTM) based on an attention mechanism for JavaScript malicious code detection. Firstly, the obtained sample data will be deconfused, disambiguated, and vectorized to obtain the normalized data adapted to the neural network input. Second, the proposed algorithm is used to train the vectorized data and learn the abstract features of the JavaScript malicious code. Finally, the learned features are used to classify the code. The method is compared with deep learning methods and mainstream machine learning methods, and the results show that the method has a high accuracy and low false alarm rate.