# SpiderMonkey
> Mozilla JavaScript engine — execute and deobfuscate malicious JavaScript outside a browser

**Category:** [[categories/dynamically-reverse-engineer-code-scripts|Dynamically Reverse-Engineer Code > Scripts]] | **Tier:** Rich (FOR610)
**Docs:** [https://docs.remnux.org/discover-the-tools/dynamically+reverse-engineer+code/scripts](https://docs.remnux.org/discover-the-tools/dynamically+reverse-engineer+code/scripts)

## Usage
```bash
js -f malicious.js
js -f /usr/share/remnux/objects.js -f malicious.js > decoded.js
```

## Recipes
- [[recipes/js-deobfuscation-spidermonkey|Deobfuscate JavaScript with SpiderMonkey]]
- [[recipes/js-null-byte-cleanup|Clean Null Bytes from UTF-16 JavaScript]]

## Workflows
- [[workflows/javascript-deobfuscation-workflow|JavaScript Deobfuscation]] — Step 3: Safe Execution (SpiderMonkey)

## Related Tools
- [[tools/box-js|box-js]] — JavaScript sandbox for analyzing malicious scripts by emulat
- [[tools/jstillery|jstillery]] — Deobfuscate JavaScript scripts using AST and Partial Evaluat
- [[tools/objects-js|objects.js]] — Emulate common browser and PDF viewer objects, methods, and 
- [[tools/powershell|powershell]] — Run PowerShell scripts and commands.

## FOR610
**Labs:** 3.6, 3.7, 4.5
**Sections:** 3, 4

#javascript #deobfuscation #execution