This tool is designed to assist analyists in deobfuscating malicious Javascripts. It does not interpret HTML so any HTML must be removed in order to properly deobfuscate the code. The script must also be free of syntax errors for proper results. Blackhole landing pages and exploit kits employ obfuscation in order to hide the intent of the code while decreasing the likelihood of detection. When scripts are packed, the original code becomes data and the visible code is the deobfuscation routine. During execution the data is unpacked by the routine and the result is a string that must be evaluated as code in order to execute. This deobfuscation tool works by returning that string of code rather than evaluating it. It is then beautified for easy reading. Many thanks to the folks at jsbeautifier.org for sharing the code that makes deobfuscated Javascript pretty again. You can visit their site by clicking here. *NOTE - Code analyzed by this tool will execute in your browser. This tool is only designed to intercept calls made to the eval() and write() functions which are commonly used as the final function in malicious Javascripts. Some malicious scripts may not employ these functions and may therefore infect your browser..

Deobfuscate

Not yet deobfuscated ? Press Deobfuscate button twice !