Tag Archives: javascript deobfuscation

Javascript Deobfuscation Tools Redux

Posted on September 23, 2014 by darryl

Back in 2011, I took a look at several tools used to deobfuscate Javascript. This time around I will use several popular automated and semi-automated/manual tools to see how they would fare against today’s obfuscated scripts with the least amount … Continue reading

Posted in Malscript, Tools | Tagged , , , , , , | Comments Off on Javascript Deobfuscation Tools Redux

Deobfuscating Javascript with Revelo

Posted on June 22, 2013 by darryl

I’ve been getting questions about how to use Revelo so this article will be a refresher on how to use it. You can find the tool here and play along if you like. We’ll be using Revelo to deobfuscate a … Continue reading

Posted in Malscript, Tools | Tagged , , | Leave a comment

Clever Redirect to Impact EK

Posted on February 7, 2013 by darryl

This malicious script was found on a somewhat popular website. Trying to find these things is like an Easter egg hunt. This particular one was clever in more ways than one. Here’s the external script file that’s hiding in plain … Continue reading

Posted in Exploit Packs, Malscript | Tagged , , | 121 Comments

Neosploit Gets Java 0-Day

Posted on September 1, 2012 by darryl

Neosploit has been popping up every once and awhile, quietly infecting users without a whole lot of attention. This past week, its author(s) decided to update Neosploit with the latest Java exploit. It now joins the likes of Blackhole and … Continue reading

Posted in 0-Day, Exploit Packs, Malscript | Tagged , , , , , | Leave a comment

Java 0-Day Using Latest Dadong’s JS Obfuscator

Posted on August 27, 2012 by darryl

Since everyone knows about this, I can finally share my piece. Here’s the landing page which is all Javascript. The script is using “Dadong’s JSXX 0.44 VIP” Javascript obfuscator. This isn’t the first time Dadong’s obfuscator has been used with … Continue reading

Posted in 0-Day, Malscript | Tagged , , | 3 Comments