Deobfuscation Blog Articles

Browse all posts in the Deobfuscation category.

Check Full Blog

Sort By

Anti-bot

HD Anti-Bot: Part 1, deobfuscation and decryption

In this post, I will be covering a dynamic JavaScript and Java anti-bot solution...

obfio

October 23, 2025

Anti-bot

Twitter Header: Part 1, Deobfuscation

In this blog I'll be doing web reverse-engineering on Twitter. For context, I ha...

obfio

September 3, 2025

Virtual Machines

Dissecting Shape Security's Virtual Machine

A technical walkthrough of Shape Security's JavaScript VM-based protection — unp...

svebaa

February 12, 2024

Deobfuscation

BLAZING FAST JS - Part I

In today's article we will look over file manipulation and debugging of NodeJS a...

Nero

February 3, 2024

Anti-bot

ShapeSecurity's Javascript VM: Part 1

ShapeSecurity's Javascript Virtual Machine(VM) has a remarkable reputation for b...

botting.rocks

January 30, 2024

Anti-bot

ShapeSecurity's Javascript VM: Part 2

In previous part, we talked about the VM Internals especifically about the VM Ma...

botting.rocks

January 24, 2024

Anti-bot

ShapeSecurity's Javascript VM: Part 3

Okay, now that we have finished talking about the VM Machinery in part 1 and the...

botting.rocks

January 17, 2024

Deobfuscation

Babel Traverse - Part 3 - Diving a little in the actual @babel/traverse's traverse

Today we are diving a little to see how @babel/traverse

Nero

December 26, 2023

Anti-bot

Deobfuscating Imperva's utmvc Anti-Bot Script

The second part of deobfuscating Imperva's utmvc anti-bot script — diving deeper...

yog

March 4, 2023

Anti-bot

Deobfuscating Imperva's utmvc Anti-Bot Script

In part 1 we successfully revealed all of the strings in the script. In this par...

yog

March 4, 2023

Deobfuscation

Babel Traverse - Part 2 - @babel/traverse's traverseFast

enter: (node: t.Node, opts?: any) => void,

Nero

February 12, 2023

Deobfuscation

Babel Traverse - Part 1 - Taking a look at how @babel/traverse works

Of course, we used it on this blog to reverse engineer a good part of Incapsula ...

Nero

February 7, 2023

Deobfuscation

Javascript obfuscation techniques by example

Sometimes when working on scraping some website you look into JavaScript code an...

rl1987

July 10, 2022

Deobfuscation

Deobfuscating Javascript via AST: A Peculiar JSFuck-esque Case-ReverseJS

This article assumes a preliminary understanding of Abstract Syntax Tree structu...

SteakEnthusiast

June 14, 2022

Deobfuscation

Deobfuscating Javascript via AST: Removing Dead or Unreachable Code-ReverseJS

This article assumes a preliminary understanding of Abstract Syntax Tree structu...

SteakEnthusiast

June 4, 2022

Deobfuscation

Deobfuscating Javascript via AST: Replacing References to Constant Variables with Their Actual Value-ReverseJS

This article assumes a preliminary understanding of Abstract Syntax Tree structu...

SteakEnthusiast

May 31, 2022

Deobfuscation

Deobfuscating Javascript via AST: Converting Bracket Notation => Dot Notation for Property Accessors-ReverseJS

Deobfuscating Javascript via AST: Converting Bracket Notation => Dot Notation fo...

SteakEnthusiast

May 28, 2022

Deobfuscation

Deobfuscating Javascript via AST: Constant Folding/Binary Expression Simplification-ReverseJS

This article assumes a preliminary understanding of Abstract Syntax Tree structu...

SteakEnthusiast

May 28, 2022

Deobfuscation

Deobfuscating Javascript via AST: Reversing Various String Concealing Techniques-ReverseJS

This article assumes a preliminary understanding of Abstract Syntax Tree structu...

SteakEnthusiast

May 22, 2022

Deobfuscation

An Introduction to Javascript Obfuscation & Babel-ReverseJS

Welcome to the first article in my series about Javascript deobfuscation. I won’...

SteakEnthusiast

May 21, 2022

Virtual Machines

Writing Disassemblers for VM-based Obfuscators

A deep dive into building disassemblers for virtual machine-based code obfuscati...

Tim Blazytko

October 21, 2021

Anti-bot

ANTIBOTS - PART VII

We've been through quite a ride till now, but it only gets better. Today we'll t...

Nero

May 11, 2021

Anti-bot

ANTIBOTS - PART VI - Giving our script a few little tweaks

Our script got to be pretty beautiful, we might say. But, let's look at some sni...

Nero

May 9, 2021

Anti-bot

ANTIBOTS - PART V - Making sense of the Incapsula script and decoding functions

Last time, we've made great progress in making the script a little more human-fr...

Nero

May 8, 2021

Anti-bot

ANTIBOTS - PART III - Taking a look at the first part of the Incapsula antibot

NodeJSinstalled, a text editor or IDE (in my case I useVSCode) and most preferab...

Nero

May 7, 2021

Anti-bot

ANTIBOTS - PART IV - Taking a look at the decoded Incapsula Script

We've got over the first part! After beautifying the file, it looks something li...

Nero

May 7, 2021

Anti-bot

ANTIBOTS - PART I - A short introduction to the Sneaker Development Industry and Antibots

Let’s imagine for a second you want to bot a website. Though, why would you wann...

Nero

May 6, 2021

Anti-bot

ANTIBOTS - PART II - What is AST Manipulation, What is Regex, Why Would I Prefer One Over The Other?

We got to the point I’ve been waiting for: AST Manipulation and Regex.

Nero

May 6, 2021

Deobfuscation

Tackling JavaScript Client-side Security (Part 1)

Jscrambler, a leader in JavaScript Client-side security makes claims to “Bullet-...

nullpt.rs

February 18, 2019