
JavaScript Deobfuscation Easy
This module will take you step-by-step through the fundamentals of JavaScript Deobfuscation until you can deobfuscate basic JavaScript code and understand its purpose.
Created by 21y4d
Summary
Many malicious actors tend to obfuscate their code to avoid it being detected by systems or understood by other developers.
The ability to deobfuscate code is a useful technique that can be applied to various real-world scenarios. It is useful on web application assessments to determine if a developer has used "security by obscurity" to hide JavaScript code containing sensitive data. It can also be useful for defenders when, for example, attempting to deobfuscate code that was responsible for the Phishing website used in an attack.
In this module, you will learn the basics of deobfuscating and decoding JavaScript code and will have several exercises to practice what you learned.
You will learn the following topics:
- Locating JavaScript code
- Intro to Code Obfuscation
- How to Deobfuscate JavaScript code
- How to decode encoded messages
- Basic Code Analysis
- Sending basic HTTP requests
Our final exercise in this module will open a door for many other challenges and exercises in Hack The Box!
Requirements
It is recommended to take the Web Requests module before this one to get a general understanding of how HTTP requests work. If you are already familiar with them, then you should be able to start this module.
Sections
- Introduction
- Source Code
- Code Obfuscation
- Basic Obfuscation
- Advanced Obfuscation
- Deobfuscation
- Code Analysis
- HTTP Requests
- Decoding
- Skills Assessment
- Summary
Relevant Paths
This module progresses you towards the following Paths

Medium 257 Sections
Cubes Required: 1410
The Bug Bounty Hunter Job Role Path is for individuals who want to enter the world of Bug Bounty Hunting with little to no prior experience. This path covers core web application security assessment and bug bounty hunting concepts and provides a deep understanding of the attack tactics used during bug bounty hunting. Armed with the necessary theoretical background, multiple practical exercises, and a proven bug bounty hunting methodology, students will go through all bug bounty hunting stages, from reconnaissance and bug identification to exploitation, documentation, and communication to vendors/programs. Upon completing this job role path, you will have become proficient in the most common bug bounty hunting and attack techniques against web applications and be in the position of professionally reporting bugs to a vendor.

Easy 42 Sections
Cubes Required: 30
To be successful in any technical information security role, we must have a broad understanding of specialized tools, tactics, and terminology. This path introduces core concepts necessary for anyone interested in a hands-on technical infosec role. The modules also provide the essential prerequisite knowledge for joining the main Hack The Box platform, progressing through Starting Point through easy-rated retired machines, and solving "live" machines with no walkthrough. It also includes helpful information about staying organized, navigating the HTB platforms, common pitfalls, and selecting a penetration testing distribution. Students will complete their first box during this path with a guided walkthrough and be challenged to complete a box on their own by applying the knowledge learned in the Getting Started module.