Information, tools and how-to's for the new intrusion analyst. Mentoring by blogging.
Tuesday, February 19, 2013
JavaScript Deobfuscation
I came across this site by accident (it was mentioned in the comments of a Storm Center Diary article). It's a nice site to help deobfuscate JavaScript called, appropriately enough, deobfuscatejavascript.com. Heed the warnings they post and realize if the malware doesn't use the eval() or write() functions, which are trapped by the site, the code could execute in your browser. I run a Linux box that has VirtualBox installed, running another virtual Linux machine, with Firefox on it running no-script. Use a sandbox when checking out code or sites. Or you will probably end up getting owned at some point.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment