This content is open to everyone — sign in to save your progress, earn points, and unlock module exams.
Topic 4.2 of Malicious Web & Document Files
Six JavaScript obfuscation patterns, eval() override interception technique, DevTools breakpoint method, CyberChef static decode, a six-step workflow, and environmental keying bypass.
By the end of this topic, you will
Quadrant 1 · e-Tutorial
Quadrant 2 · e-Content
Quadrant 3 · Web Resources
Downloadable reference material
External links
CyberChef — GCHQ Decode Tool
Browser-based tool for chaining decode operations. Build a recipe for Base64, URL decode, hex, character code substitution, and more.
de4js — JavaScript De-obfuscator
Online JavaScript de-obfuscator. Paste obfuscated code and apply beautification and decode operations.
MITRE ATT&CK — Obfuscated Files or Information: JavaScript (T1027)
ATT&CK technique for JavaScript obfuscation with real-world examples from threat actor campaigns.
Quadrant 4 · Self-Assessment
Malicious Web & Document Files
Covers drive-by download attacks, JavaScript de-obfuscation, malicious PDF analysis, RTF exploitation, and Microsoft Office macro malware.
REMA Complete Assessment
A comprehensive 120-question assessment covering the entire Reverse Engineering and Malware Analysis curriculum: malware taxonomy and reverse engineering fundamentals, static and dynamic analysis, reversing malicious code, malicious web and document files, in-depth analysis of packed and fileless malware, and self-defending malware techniques.