Thursday, November 13, 2008

Malzilla

This will be old news to many, I presume, but I came across a very nifty tool called Malzilla in a security list today. Turns out it's just what I've been looking for. Doing IDS analysis, you come across a lot of obfuscated code in various formats: JScript, hex-encoded, Base64, shellcode and the like. I'd never found one tool to help me quickly work through this until I found Malzilla. Primarily a malware analysis tool, it deobfuscates all of the above as well as having a hex viewer, a Pscript tool, and a URL deobfuscator. Very nice, free, and open source. If interested, you can grab the W32 binaries package at http://sourceforge.net/projects/malzilla . Sweet! Many thanks to the author, Boban Spasic, as well as the other contributors to the project, found in the About tab of the tool.
