Some notes and tools for reverse engineering / deobfuscating / unminifying obfuscated web app code.
| ,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94 | |
| Any,__class__,__delattr__,__dict__,__dir__,__doc__,__eq__,__format__,__ge__,__getattribute__,__getstate__,__gt__,__hash__,__init__,__init_subclass__,__le__,__lt__,__module__,__ne__,__new__,__reduce__,__reduce_ex__,__repr__,__setattr__,__sizeof__,__str__,__subclasshook__,__weakref__,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, | |
| MethodCall,__abstractmethods__,__annotations__,__class__,__class_getitem__,__class_vars__,__copy__,__deepcopy__,__delattr__,__dict__,__dir__,__doc__,__eq__,__fields_set__,__format__,__ge__,__get_pydantic_core_schema__,__get_pydantic_json_schema__,__getattr__,__getattribute__,__getstate__,__gt__,__hash__,__init__,__init_subclass__,__iter__,__le__,__lt__,__module__,__ne__,__new__,__pretty__,__pri |
```js
// Found here:
// https://gist.github.com/jbrit/9a6525d086411a0fcffea202f368e780#file-initial-obfuscated-iife-js
// All I did was clean this up a bit more, follow the IP addresses that are in the file, download two separate payloads
// and then run one of them through CyberChef to get the resulting Python script in the other file.
// Just needed to do Reverse by char -> Base64 decode -> Zlib inflate -> Find + replace `exec(_)(b'` and `'))`
// about ~30-40 times.
const fs = require("fs");
const os = require("os");
const path = require("path");
```
```python
#!/usr/bin/env python3
import re
import requests
import json

# example of how to properly load the addresses
addresses = [
    "0x8e66f051a2b93d25857f203454aa14e81099a1c4",
    "0x51264688eff18df8614ad4497d2a95d05ad63dfa",
    # remaining entries are cut off in this preview
]
```
Original Tweet containing MEGA link by poster
VirusTotal scan of ZIP archive direct from original MEGA link - No detections
IPFS CID hash: bafybeid3bt23ojmxggjeyhegsl252i4niwpi6zhcrzphtromoseonzngaq
IPFS URL: ipfs://bafybeid3bt23ojmxggjeyhegsl252i4niwpi6zhcrzphtromoseonzngaq