Skip to content

Cyber-Suite-CSE/reverse-engineer-tool

BranchesTags

Repository files navigation

JavaScript Reverse Engineering Tool

A simple yet powerful JavaScript reverse engineering tool for code analysis, deobfuscation, and pattern detection. This tool helps you understand and analyze JavaScript code by extracting functions, variables, strings, detecting obfuscation patterns, and beautifying minified code.

Features

  • Code Beautification: Deobfuscate and format minified/obfuscated JavaScript code
  • Function Extraction: List all functions with their parameters and metadata
  • String Extraction: Extract all unique string literals from code
  • Variable Analysis: Identify all variables in the code
  • Control Flow Analysis: Analyze code complexity and control structures
    • Calculate cyclomatic complexity
    • Detect nesting depth
    • Identify all control flow structures (if/else, loops, switch, try/catch)
    • Get actionable, context-aware recommendations for code improvement, including function names and line numbers for complex or deeply nested code
  • Pattern Detection: Detect common obfuscation techniques:
    • Hex-encoded strings
    • Dynamic code execution (eval/Function)
    • String concatenation obfuscation
    • Base64 encoding/decoding
    • Minification patterns
    • Array index obfuscation
  • Code Statistics: Get detailed metrics about the code structure
  • Full Reports: Generate comprehensive analysis reports

Installation

# Clone the repository
git clone https://github.com/Cyber-Suite-CSE/reverse-engineer-tool.git
cd reverse-engineer-tool

# Install dependencies
npm install

# Make CLI executable (on Unix-like systems)
chmod +x cli.js

Usage

Command Line Interface

# Analyze code
node cli.js analyze <file>

# Beautify/deobfuscate code
node cli.js beautify <file>
node cli.js beautify <file> -o output.js

# Extract strings
node cli.js strings <file>

# List functions
node cli.js functions <file>

# Detect patterns
node cli.js patterns <file>

# Analyze code complexity
node cli.js complexity <file>

# Generate full report
node cli.js report <file>

# Show help
node cli.js --help

Programmatic Usage

const ReverseEngineer = require('./index.js');

// Load your code
const code = `
  function obfuscated() {
    const secret = "hidden";
    return eval(secret);
  }
`;

// Create analyzer instance
const re = new ReverseEngineer(code);

// Beautify code
const beautified = re.beautify();
console.log(beautified);

// Analyze code
const analysis = re.analyze();
console.log(analysis);

// Get specific information
const functions = re.getFunctions();
const strings = re.getStrings();
const patterns = re.getPatterns();
const stats = re.getStatistics();
const controlFlow = re.getControlFlow();

// Generate full report
const report = re.generateReport();
console.log(report);

Examples

The examples/ directory contains sample files you can analyze:

# Analyze obfuscated code
node cli.js analyze examples/obfuscated.js

# Beautify minified code
node cli.js beautify examples/minified.js -o examples/minified-clean.js

# Extract strings from code
node cli.js strings examples/simple.js

# Analyze code complexity
node cli.js complexity examples/complex.js

# Generate full report
node cli.js report examples/obfuscated.js

API Reference

ReverseEngineer

Main class for code analysis.

Constructor

  • new ReverseEngineer(code) - Create a new instance with JavaScript code

Methods

  • parse() - Parse code into AST (Abstract Syntax Tree)
  • beautify() - Beautify/deobfuscate code and return formatted string
  • analyze() - Perform full analysis and return results
  • getStrings() - Extract all unique string literals
  • getFunctions() - Extract all function declarations
  • getStatistics() - Get code statistics (lines, functions, variables, etc.)
  • getPatterns() - Detect obfuscation patterns
  • getControlFlow() - Analyze control flow and cyclomatic complexity
  • generateReport() - Generate comprehensive analysis report
  • getRecommendations() - Get actionable refactoring suggestions for complex or deeply nested code, including function names and line numbers

Testing

Run the test suite:

npm test

Use Cases

  • Security Analysis: Analyze potentially malicious JavaScript code
  • Code Review: Understand minified or obfuscated code
  • Malware Analysis: Detect obfuscation patterns in suspicious scripts
  • Learning: Study how code obfuscation techniques work
  • Development: Debug and understand third-party minified code

Docker Usage

Build the Docker image:

docker build -t reverse-engineer-tool .

Run the tool using Docker:

# Analyze a file
docker run -v $(pwd)/examples:/workspace reverse-engineer-tool analyze /workspace/obfuscated.js

# Beautify code
docker run -v $(pwd)/examples:/workspace reverse-engineer-tool beautify /workspace/minified.js -o /workspace/minified-clean.js

# Extract strings
docker run -v $(pwd)/examples:/workspace reverse-engineer-tool strings /workspace/simple.js

# Generate report
docker run -v $(pwd)/examples:/workspace reverse-engineer-tool report /workspace/obfuscated.js

The -v $(pwd):/workspace flag mounts your current directory into the container, allowing the tool to access your files.

Dependencies

  • acorn: JavaScript parser for AST generation
  • escodegen: Code generator for beautification
  • esprima: ECMAScript parsing infrastructure

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

License

This project is licensed under the MIT License - see the LICENSE file for details.

Author

Cyber Suite CSE

Security Note

This tool is designed for legitimate reverse engineering and code analysis purposes. Always ensure you have permission to analyze code that doesn't belong to you.

About

Simple reverse engineering tools

Resources

Readme

License

MIT license

Security policy

Security policy
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages