Javascript Obfuscation and Tools of the trade
What is JS Obfuscation?
JS Obfuscation is a process of scrambling your JavaScrips Codes in order to prevent the code from being analyzed. However it makes the code stealing job difficult as it converts the codes in such a format that it will be difficult to understand the functionality of code and how it works.
How to Obfuscate your JavaScript codes?
Although you can make your own JS Obfuscators, well there are some vendors which makes your life easier by providing readymade tools for solving your obfuscation purposes. Some of them are:
- Stunnix [Commercial],trial version also available.
- JavaScript Obfuscator [Commercial], trial version also available.
There are some websites which can encode your Java scripts using their own obfuscation algorithms. Some of them are:
- http://www.javascriptobfuscator.com/Default.aspx
- http://www.shaneng.net/Main/JavaScriptObfuscator
- http://www.daftlogic.com/projects-online-javascript-obfuscator.htm
- How JS Obfuscation can be used in a malevolent way?
To some extent it prevents source code stealing and further analysis but on the other hand it opens the way for the malicious hackers to hide their malicious malware codes into the context of the web application source page. If your Antivirus applications are not smart enough to handle and decode JS Obfuscation methods then its not a big deal to be affected with malwares. You can see an usage of JS Obfuscation on how to hide malwares and how to track them from this article link.
- I hope this will be useful to some extent on giving an excerpt on JS Obfuscations and how it can be used in a malicious way.
- Cheers!
XyluX