Deobfuscating JavaScript Malware When to Use - Investigating a phishing page with obfuscated JavaScript that performs credential harvesting or redirect - Analyzing a web skimmer (Magecart-style) injected into an e-commerce site - Deobfuscating a JavaScript dropper that downloads and executes second-stage malware - Examining malicious email attachments containing HTML files with embedded obfuscated scripts - Analyzing browser exploit kits that use heavy JavaScript obfuscation to hide exploit delivery Do not use for obfuscated JavaScript that is merely minified production code; use a standard b…