deobfuscating-javascript-malware
Installation
SKILL.md
Deobfuscating JavaScript Malware
When to Use
- Investigating a phishing page with obfuscated JavaScript that performs credential harvesting or redirect
- Analyzing a web skimmer (Magecart-style) injected into an e-commerce site
- Deobfuscating a JavaScript dropper that downloads and executes second-stage malware
- Examining malicious email attachments containing HTML files with embedded obfuscated scripts
- Analyzing browser exploit kits that use heavy JavaScript obfuscation to hide exploit delivery
Do not use for obfuscated JavaScript that is merely minified production code; use a standard beautifier instead.