Discover and explore top open-source AI tools and projects—updated daily.
lwjjikeAI toolkit for web and JavaScript reverse engineering
Top 89.2% on SourcePulse
Summary
This repository, lwjjike/xbsReverseSkill, offers a specialized toolkit for web and JavaScript reverse engineering. It addresses complex challenges in deobfuscation, algorithmic analysis, and browser environment simulation, providing engineers and researchers with targeted skills to dissect obfuscated code, understand intricate protocols, and bypass anti-analysis techniques. The primary benefit is enabling deeper analysis of protected web applications and services.
How It Works
The project comprises distinct skill modules. ast-deobfuscation employs Babel AST for layered, fall-back deobfuscation, targeting common obfuscation patterns like identifier mangling, string encryption, and control flow flattening, with specialized modes for various obfuscation families. web-reverse-algorithm focuses on pure computation and protocol analysis, aiding in reverse engineering complex signatures, mixed encryption, JSVMP/VMP, Wasm, and challenge-response mechanisms, aiming to produce reusable solvers or SDKs. The web-js-env-patcher (superseding the deprecated web-reverse-env) provides modular browser environment simulation and runtime patching, addressing anti-detection, fingerprint alignment, and risk control measures by reconstructing critical browser APIs like navigator, document, and crypto.
Quick Start & Requirements
Installation involves copying skill directories (ast-deobfuscation, web-reverse-algorithm, web-js-env-patcher) into the .codex/skills or .claude/skills directories for their respective CLIs. Claude CLI setup requires Node.js and Git, global installation of @anthropic-ai/claude-code, and configuring the CLAUDE_CODE_GIT_BASH_PATH environment variable. Usage is via the claude command. For third-party interfaces, ANTHROPIC_AUTH_TOKEN and ANTHROPIC_BASE_URL environment variables must be set. Users are advised to disable certain skills when using web-js-env-patcher to prevent conflicts.
Highlighted Details
ast-deobfuscation includes specialized pipeline scripts for popular obfuscation families like reese84, Tencent, and Geetest.web-reverse-algorithm is designed to facilitate the creation of automated solvers, SDKs, or services from reverse engineering findings.web-js-env-patcher offers modular construction of browser environments, covering a wide array of APIs and anti-detection features.Maintenance & Community
No specific details regarding project maintainers, community channels (e.g., Discord, Slack), roadmaps, or sponsorship were found in the provided README.
Licensing & Compatibility
The README does not specify a software license. Consequently, compatibility for commercial use or linking with closed-source projects remains undetermined.
Limitations & Caveats
The web-reverse-env module is explicitly marked as deprecated. The web-js-env-patcher skill requires careful management, with instructions to disable other skills to avoid conflicts. The project's reliance on external CLIs and specific environment variable configurations may present setup challenges for some users.
4 days ago
Inactive