# box-js
> JavaScript sandbox for analyzing malicious scripts by emulating browser/WScript APIs

**Category:** [[categories/dynamically-reverse-engineer-code-scripts|Dynamically Reverse-Engineer Code > Scripts]] | **Tier:** Rich (FOR610)
**Docs:** [https://docs.remnux.org/discover-the-tools/dynamically+reverse-engineer+code/scripts](https://docs.remnux.org/discover-the-tools/dynamically+reverse-engineer+code/scripts)

## Usage
```bash
box-js --output-dir=/tmp suspicious.js
```

## Workflows
- [[workflows/javascript-deobfuscation-workflow|JavaScript Deobfuscation]] — Step 5: Alternative Analysis

## Related Tools
- [[tools/jstillery|jstillery]] — Deobfuscate JavaScript scripts using AST and Partial Evaluat
- [[tools/objects-js|objects.js]] — Emulate common browser and PDF viewer objects, methods, and 
- [[tools/powershell|powershell]] — Run PowerShell scripts and commands.
- [[tools/spidermonkey|SpiderMonkey]] — Mozilla JavaScript engine — execute and deobfuscate maliciou

## FOR610
**Sections:** 3

#javascript #sandbox #emulation