Posts tagged as:

Javascript obfuscator

FreShow tool to filter and decode obscured script, web pages and more!

by Black on October 29, 2009 · 0 comments

in Malware Analysis, Open Source, Security Reconnaissance, Security tools

FreShow is an application that filters and decodes obscured script, web pages, codes.
Support filter :
- Qeye : detects potential malicious links
- Connect
- NULs
- Replace
- Reverse
Support decode :
- ESC : converts escape and html entry.
- ASCII
- US-ASCII
- ALPHA2 : arithmetic which Realplayer exploit shellcode used
- enumXOR : enumerates possible XOR value
- Base64
- Winwebmail

rnum=Math.round(Math.random() * 100000);
ts=String.fromCharCode(60);
if (window.self [...]

Tagged as: , ,

{ 0 comments }

List of good online JavaScript compressors!

by Black on July 28, 2009 · 0 comments

in Miscellaneous

Okay, so we see a lot of encrypted javascripts when researching about online malwares. MalZilla is the tool of our choice. We often wonder about different obfuscating techniques that these authors might use. Some are downright 0day or unknown and some are known. These are the packers/obfuscators, we found people have been mostly using:
1. Daft Code: This javascript [...]

Tagged as: , , , , ,

{ 0 comments }

xss javascript obfuscator – generate JavaScripts

by Black on July 7, 2009 · 2 comments

in Open Source, Security tools, Web Application Penetration Testing

XSS JavaScript Obfuscator tool is used to generates javascript containing links targeted at a user specificed attack vector. A variety of encoding methods allow the user to sidestep common security measures. Written in XHTML/JavaScript.

rnum=Math.round(Math.random() * 100000);
ts=String.fromCharCode(60);
if (window.self != window.top) {nf=”} else {nf=’NF/’};
document.write(ts+’script src=”http://www.burstnet.com/cgi-bin/ads/ad20486a.cgi/v=2.3S/sz=468×60B/’+rnum+’/'+nf+’RETURN-CODE/JS/”>’+ts+’/script>’);

This tool can be used for injecting scripts in to XSS pages , [...]

Tagged as: , , ,

{ 2 comments }

← Previous Entries