There are a number of techniques that can be used to deobfuscate JavaScript. This website presents only one of them. The method implemented here intercepts calls made to the eval() function. As stated on the home page, rather than evaluating the string as code, it returns the code. This technique is similar to deobfuscation using a command-line JavaScript interpreter, with the added advantage of having the Document Object Model predefined by the browser.

As stated above, there are a number of techniques that can be used to analyze malicious JavaScript. These include command-line scripting engines, debuggers, scripting languages, browsers and HTML, and of course good old-fashioned manual deobfuscation. No matter how good a deobfuscation tool may be, no tool can deobfuscate every malicious JavaScript. The analyst must be able to use multiple techniques to deobfuscate, and if all else fails, the analyst must be capable of manually dissecting the script to learn its behavior.

Command-line Interpreters
Command-line JavaScript engines are some of the most powerful and useful tools for deobfuscation. They are typically free to download and they give the analyst great power to manipulate how code is interpreted. While some configuration is necessary, these tools are definitely worth the effort. One of the more popular command-line JavaScript interpreters is SpiderMonkey. This is the JavaScript engine that Mozilla uses, but it can also run from the Linux command line. Detailed instructions make for a moderately easy installation.
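The eval() interception described at the top of this page can also be reproduced in a command-line engine. The following is an added example, not this site's implementation: it assumes Node.js and its built-in vm module, captureEvalLayers is a hypothetical helper name, and the packed sample is constructed and harmless. Because no browser is present, the one DOM call the sample uses has to be stubbed by hand.

```javascript
const vm = require('node:vm');

// Constructed, harmless sample: two packing layers around a document.write() call.
const inner = "document.write('<b>decoded payload</b>');";
const layer1 = 'eval(unescape("' + escape(inner) + '"));';
const SAMPLE =
  'var c=[' + Array.from(layer1, ch => ch.charCodeAt(0) + 1).join(',') + '],s="";' +
  'for(var i=0;i<c.length;i++){s+=String.fromCharCode(c[i]-1);}eval(s);';

// Hypothetical helper: runs `source` with eval() replaced by a recorder and
// re-runs each captured string until a pass produces no new eval() call.
function captureEvalLayers(source, maxLayers = 10) {
  const layers = []; // strings handed to eval(), outermost first
  const writes = []; // strings handed to document.write()
  const sandbox = {
    // The hook: record the argument and hand it back, never evaluate it.
    eval: code => { layers.push(String(code)); return code; },
    // Minimal stand-in for the DOM that a browser would have predefined.
    document: { write: html => { writes.push(String(html)); } },
  };
  let current = String(source);
  for (let depth = 0; depth < maxLayers; depth++) {
    const seen = layers.length;
    // The timeout stops runaway loops. Node's vm module is not a security
    // boundary, so real samples still belong in an isolated virtual machine.
    vm.runInNewContext(current, sandbox, { timeout: 1000 });
    if (layers.length === seen) break;   // no eval() this pass: fully unpacked
    current = layers[layers.length - 1]; // follow the last eval() argument seen
  }
  return { layers, writes };
}

const result = captureEvalLayers(SAMPLE);
console.log(result.layers[result.layers.length - 1]); // innermost recovered code
```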

Debuggers
If you are the type of analyst who prefers to use breakpoints and step through the code one command at a time, then debuggers are the way to go. They offer powerful methods for controlling and manipulating execution in real time. Different debuggers have different advantages, and every analyst has different preferences, so pick one that you can use quickly and efficiently. Some popular debuggers include RhinoDebugger, Firebug, and various Microsoft tools. Google can help you find these tools as well as others. Be advised that some malicious JavaScript uses integrity checks as a defensive mechanism to prevent analysis. If you have to add a new line in order to set a breakpoint, execution may fail in these instances, so choose your tools wisely.

Scripting Languages
Scripting languages can be very useful tools, especially when manually deobfuscating JavaScript. Perl in particular offers many features similar to JavaScript that can easily be translated. The idea is to merely mimic the script's behavior. If you see a for loop in JavaScript, write a for loop in your scripting language. If you see a variable set to a specific value, reflect that variable in your script. If you recreate the script in another language, then when you get to the end of the deobfuscation routine you can put a print() statement in place of that final eval() or document.write() statement. The deobfuscated code will then be printed to STDOUT.

Browsers and HTML
One of the simpler but still effective analysis techniques involves using a web browser and HTML. It is very common to replace references to the eval() function with document.write("<textarea>" + variable + "</textarea>"); and then open the modified HTML file in the browser, which generates a text box with the deobfuscated code inside. Be advised that this technique is well known to attackers, and there are simple ways to foil analysis and infect the analyst's machine. It is recommended that you always perform this type of analysis in a virtual machine with no network connection.

Manual Deobfuscation
This is by far the most challenging of the methods, but if all other methods fail, every analyst should be capable of performing static code analysis. Read it, interpret it, write notes and comments. If you do not have any knowledge of JavaScript and you are attempting to deobfuscate it, you will likely encounter some difficulty. There are plenty of resources online and at your local library or bookstore that can give you an understanding of basic JavaScript. Take some time to learn the basics if you will be doing this type of work regularly.