JS Deobfuscation is a Python script that deobfuscate JS code and it's time saver for you.

Overview

JS Deobfuscation

JS Deobfuscation is a Python script that deobfuscates JS code and it's time saver for you. Although it may not work with high degrees of obfuscation, it's a pretty nice tool to help you even if it's just a bit. You can see some example in the examples/ folder. This idea came to me when I saw an obfuscated script on GitHub. I reversed it for sure lmao. All these examples are extracted from GitHub. There are some references in the script's header.

Usage

~$ git clone https://github.com/quatrecentquatre-404/js-deobfuscator
~$ cd js-deobfuscator
~$ python3 main.py <source.js>

Patterns

The OSA (obfuscated strings array)

There are some patterns that can be easily exploited using RegExp to deobfuscate a code. First of all, majore of online obfuscator declare an array at the top of the code which contain many strings. During the runtime, the code refers to this array to get some string. By example :

const strings = ["fs"]
const fs = require(strings[0])

Can be seen as

const _0x1e5f=["\x66\x73"],_0x1e6a=require(_0x1e5f[0])

So, first of all, the script tries to get this array to replace references by strings themselves and then it removes the array.

The OSA shuffler (not supported yet)

The OSA shuffler is a function called just after the OSA declaration that shuffle all elements inside. Also, it's called before any reference to it, because after this process, references index aren't same than before. By example :

const strings = ["fs", "./any.json"]
const fs = require(strings[0])
const anyJson = require(strings[1])

Can be seen as

const _0x1e5f=["\x66\x73", "\x2e\x2f\x61\x6e\x79\x2e\x6a\x73\x6f\x6e"];(function(osa, ...){ /* Anonymouse function that shuffles the OSA */})(_0x1e5f, ...);const _0x1e6a=require(_0x1e5f[1]),_0x1e71=require(_0x1e5f[0]);

It's an arbitraty example right there, because the indexes 0 and 1 might not change. But with a huge OSA, it will be shuffled for sure.

You might also like...
OpenTOTP is yet another time-based, one-time passwords (OTPs) generator/verifier inspired by RFC 6238.

OpenTOTP is yet another time-based, one-time passwords (OTPs) generator/verifier inspired by RFC 6238. It generates and validates OTPs based

A python base script from which you can hack or clone any person's facebook friendlist or followers accounts which have simple password

Hcoder This is a python base script from which you can hack or clone any person's facebook friendlist or followers accounts which have simple password

A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regarding a specific target.
A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regarding a specific target.

A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regarding a specific target.

This script allows you to make a onion host instantly.

Installation It only works in Debian based Linux distros. Clone the repo: git clone https://github.com/0xStevenson/Auto-Tor-Host.git Go to the direct

Vulnerability Scanner & Auto Exploiter You can use this tool to check the security by finding the vulnerability in your website or you can use this tool to Get Shells
Vulnerability Scanner & Auto Exploiter You can use this tool to check the security by finding the vulnerability in your website or you can use this tool to Get Shells

About create a target list or select one target, scans then exploits, done! Vulnnr is a Vulnerability Scanner & Auto Exploiter You can use this tool t

This Repository is an up-to-date version of Harvard nlp's Legacy code and a Refactoring of the jupyter notebook version as a shell script version.
This Repository is an up-to-date version of Harvard nlp's Legacy code and a Refactoring of the jupyter notebook version as a shell script version.

This Repository is an up-to-date version of Harvard nlp's Legacy code and a Refactoring of the jupyter notebook version as a shell script version.

Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.

DOME - A subdomain enumeration tool Check the Spanish Version Dome is a fast and reliable python script that makes active and/or passive scan to obtai

A python script to turn Ubuntu Desktop in a one stop security platform. The InfoSec Fortress installs the packages,tools, and resources to make Ubuntu 20.04 capable of both offensive and defensive security work.

infosec-fortress A python script to turn Ubuntu Desktop into a strong DFIR/RE System with some teeth (Purple Team Ops)! This is intended to create a s

This is python script that will extract the functions call in all used DLL in an executable and then provide a mapping of those functions to the attack classes defined and curated malapi.io.

F2Amapper This is python script that will extract the functions call in all used DLL in an executable and then provide a mapping of those functions to

Owner
Quatrecentquatre
French programmer : Python, JavaScript, Bash, PHP, HTML / CSS, Assembly Language Intel x86. I also do some reverse enrineering on APIs.
Quatrecentquatre
Workshop Material on VM-based Deobfuscation

Analysis of Virtualization-based Obfuscation This repository contains slides, samples and code of the 4h code deobfuscation workshop at r2con2021. We

Tim Blazytko 133 Dec 18, 2022
Deobfuscate Log4Shell payloads with ease

Ox4Shell Deobfuscate Log4Shell payloads with ease. Description Since the release

Oxeye 137 Jan 2, 2023
Script to calculate Active Directory Kerberos keys (AES256 and AES128) for an account, using its plaintext password

Script to calculate Active Directory Kerberos keys (AES256 and AES128) for an account, using its plaintext password

Matt Creel 27 Dec 20, 2022
This program will brute force any Instagram account you send it its way given a list of proxies.

Instagram Bruter This program will brute force any Instagram account you send it its way given a list of proxies. NOTICE I'm no longer maintaining thi

null 1 Nov 15, 2021
DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by launching a dictionary based attack against a webserver and analyse its response.

DirBruter DirBruter is a Python based CLI tool. It looks for hidden or existing directories/files using brute force method. It basically works by laun

vijay sahu 12 Dec 17, 2022
A python package with tools to read and postprocess the output of the channel DNS-solver (davecats/channel), as well as its associated postprocessing tools.

Python tools for davecats/channel A python package with tools to read and postprocess the output of the channel dns solver, as well as its associated

Andrea Andreolli 1 Dec 13, 2021
labsecurity is a framework and its use is for ethical hacking and computer security

labsecurity labsecurity is a framework and its use is for ethical hacking and computer security. Warning This tool is only for educational purpose. If

Dylan Meca 16 Dec 8, 2022
BoobSnail allows generating Excel 4.0 XLM macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation.

Follow us on Twitter! BoobSnail BoobSnail allows generating XLM (Excel 4.0) macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro gen

STM Cyber 232 Nov 21, 2022
A collection of intelligence about Log4Shell and its exploitation activity

Log4Shell-IOCs Members of the Curated Intelligence Trust Group have compiled a list of IOC feeds and threat reports focused on the recent Log4Shell ex

Curated Intel 172 Nov 17, 2022
Instagram brute force tool that uses tor as its proxy connections

Insta-crack This is a instagram brute force tool that uses tor as its proxy connections, keep in mind that you should not do anything illegal with thi

Liam 3 Jan 28, 2022