This tool is designed to assist analyists in deobfuscating malicious Javascripts. It does not interpret HTML so any HTML must be
removed in order to properly deobfuscate the code. The script must also be free of syntax errors for proper results. Blackhole landing pages and exploit kits
employ obfuscation in order to hide the intent of the code while decreasing the likelihood of detection. When scripts are packed, the original code becomes
data and the visible code is the deobfuscation routine. During execution the data is unpacked by the routine and the result is a string that must be
evaluated as code in order to execute. This deobfuscation tool works by returning that string of code rather than evaluating it. It is then beautified for
easy reading. Many thanks to the folks at jsbeautifier.org for sharing the code that makes deobfuscated Javascript pretty again. You can visit their site by
clicking
here.
*NOTE - Code analyzed by this tool
will execute in your browser. This tool is only designed to intercept calls made to the eval() and write() functions which are commonly used as the final
function in malicious Javascripts. Some malicious scripts may not employ these functions and may therefore infect your browser..
Not yet deobfuscated ? Press Deobfuscate button twice !