JavaScript Deobfuscation

JavaScript Deobfuscation  Easy

This module will take you step-by-step through the fundamentals of JavaScript Deobfuscation until you can deobfuscate basic JavaScript code and understand its purpose.

Created by 21y4d

To start this course Sign Up!

Summary

Many malicious actors tend to obfuscate their code to avoid it being detected by systems or understood by other developers.

The ability to deobfuscate code is a useful technique that can be applied to various real-world scenarios. It is useful on web application assessments to determine if a developer has used "security by obscurity" to hide JavaScript code containing sensitive data. It can also be useful for defenders when, for example, attempting to deobfuscate code that was responsible for the Phishing website used in an attack.

In this module, you will learn the basics of deobfuscating and decoding JavaScript code and will have several exercises to practice what you learned.

You will learn the following topics:

  • Locating JavaScript code
  • Intro to Code Obfuscation
  • How to Deobfuscate JavaScript code
  • How to decode encoded messages
  • Basic Code Analysis
  • Sending basic HTTP requests

Our final exercise in this module will open a door for many other challenges and exercises in Hack The Box!


Requirements

It is recommended to take the Web Requests module before this one to get a general understanding of how HTTP requests work. If you are already familiar with them, then you should be able to start this module.

Sections

  • Introduction
  • Source Code
  • Code Obfuscation
  • Basic Obfuscation
  • Advanced Obfuscation
  • Deobfuscation
  • Code Analysis
  • HTTP Requests
  • Decoding
  • Skills Assessment
  • Summary

Relevant Paths

This module progresses you towards the following Paths

Card image
Cracking into Hack the Box

Easy 43 Sections

Cubes Required: 30

To be successful in any technical information security role, we must have a broad understanding of specialized tools, tactics, and terminology. This path introduces core concepts necessary for anyone interested in a hands-on technical infosec role. The modules also provide the essential prerequisite knowledge for joining the main Hack The Box platform, progressing through Starting Point through easy-rated retired machines, and solving "live" machines with no walkthrough. It also includes helpful information about staying organized, navigating the HTB platforms, common pitfalls, and selecting a penetration testing distribution. Students will complete their first box during this path with a guided walkthrough and be challenged to complete a box on their own by applying the knowledge learned in the Getting Started module.

 Web Requests

Fundamental 9 Sections

Web applications provide a large potential attack surface and need to be secured properly. A firm grasp of the basics of how applications communicate is critical for anyone interested in learning how to assess and attack web applications.

 JavaScript Deobfuscation

Easy 11 Sections

This module will take you step-by-step through the fundamentals of JavaScript Deobfuscation until you can deobfuscate basic JavaScript code and understand its purpose.

 Getting Started

Fundamental 23 Sections

This module covers the fundamentals of penetration testing and an introduction to Hack The Box.

To start this course Sign Up!