Analysis of Code

Reverse Engineering the Code!

Below are a series of hotlinks and short descriptions of tools for reverse engineering malicious programming code.

http://www.unphp.net/ – An online service that gives the user the ability to upload PHP code that may be malicious and analyze it. (UnPHP – The Online PHP Decoder. (n.d.). Retrieved December 26, 2016, from http://www.unphp.net/)

http://deobfuscatejavascript.com/ – A tool used to de-obfuscate JavaScript code. Note, the code must be just JavaScript, and cannot contain errors. (C:> deobfuscate javascript. (n.d.). Retrieved December 26, 2016, from http://deobfuscatejavascript.com/)

http://meyerweb.com/eric/tools/dencoder/ – Allows the encoding or decoding of URL’s to hide or reveal JavaScript URL’s into or from nonsense. (Meyer, E. A., & Meyer, K. S. (1995). Meyerweb.com. Retrieved December 26, 2016, from http://meyerweb.com/)

https://regex101.com/ – A program that helps you learn or understand regular expressions. As you type in the regular expression, a description of what your expression does is shown below. (Dib, F. (n.d.). Online regex tester and debugger: PHP, PCRE, Python, Golang and JavaScript. Retrieved December 26, 2016, from https://regex101.com/)

http://jsbeautifier.org/ – Gives the ability to Unpack, Obfuscate, or Butify JavaScript or HTML code, and can export to JSON or JSONP. (Lielmanis, E. (n.d.). Online JavaScript beautifier (L. Newman, Ed.). Retrieved December 26, 2016, from http://jsbeautifier.org/)

https://bluesoul.me/practical-malware-analysis-starter-kit/ This package contains most of the software referenced in Practical Malware Analysis.  (Practical Malware Analysis Starter Kit. (2016). Retrieved December 26, 2016, from https://bluesoul.me/practical-malware-analysis-starter-kit/

https://id-ransomware.malwarehunterteam.com/index.php – Identifies the type of ransomware from ransom note and encryption algorithm.  (Retrieved September 6, 2017).