Useful during analysis of malicious sites
Yesterday in my twitter stream i’ve seen this tweet by Florian Roth:
There are a lot of tools (online or standalone) that can help the analyst during this step, but IlluminateJs from my point orf view is one of the most complete and accurate.
Consider it like JSDetox, but on steroids.
IlluminateJs core is a Babel compiler plugin and it works entirely in your browser, no server interaction is needed to perform deobfuscation.
- Extended constant propagation
- Array mutators tracking
- Mixed-type expressions evaluation
- Function calls evaluation
- Built-in function evaluation
- Loops evaluation
- Procedure inlining