[GH-ISSUE #260] control flow obfuscation, dynamic code generation, highly nested functions, and some closure functions #62

New issue

Open

opened 2026-03-03 13:52:40 +03:00 by kerem · 2 comments

kerem commented 2026-03-03 13:52:40 +03:00

Owner

Copy link

Originally created by @zhangyupy on GitHub (Dec 30, 2024).
Original GitHub issue: https://github.com/jehna/humanify/issues/260

Currently, the functionality can only handle simple variable name obfuscation, but it is not applicable to common obfuscation techniques such as complex control flow obfuscation, dynamic code generation, highly nested functions, and some closure functions.

Originally created by @zhangyupy on GitHub (Dec 30, 2024). Original GitHub issue: https://github.com/jehna/humanify/issues/260 Currently, the functionality can only handle simple variable name obfuscation, but it is not applicable to common obfuscation techniques such as complex control flow obfuscation, dynamic code generation, highly nested functions, and some closure functions.

kerem added the

wontfix

label 2026-03-03 13:52:40 +03:00

kerem commented 2026-03-03 13:52:41 +03:00

Author

Owner

Copy link

@jehna commented on GitHub (Dec 30, 2024):

it is not applicable to common obfuscation techniques such as complex control flow obfuscation, dynamic code generation, highly nested functions, and some closure functions

Obfuscation is now handled by the package webcrack, which is a direct dependency of this project. If you need any further deobfuscation capabilities, please open an issue at the webcrack side – any new features will automatically be included in the future Humanify releases.

If you have any ideas on how to implement these features using LLMs, then I'd be happy to try to implement them at Humanify side.

<!-- gh-comment-id:2565131804 --> @jehna commented on GitHub (Dec 30, 2024): > it is not applicable to common obfuscation techniques such as complex control flow obfuscation, dynamic code generation, highly nested functions, and some closure functions Obfuscation is now handled by the package [webcrack](https://github.com/j4k0xb/webcrack), which is a direct dependency of this project. If you need any further deobfuscation capabilities, please open an issue at the webcrack side – any new features will automatically be included in the future Humanify releases. If you have any ideas on how to implement these features using LLMs, then I'd be happy to try to implement them at Humanify side.

kerem commented 2026-03-03 13:52:41 +03:00

Author

Owner

Copy link

@Acters commented on GitHub (Jan 5, 2025):

Since the LLMs are used to rename and "humanify" variables and function and the like.

It would be nice if it can rename "Labeled statements" that is used for while or for loops. As of right now, they remain untouched. This feature might be a bit complex to do as I do notice some obfuscated JS files have the labels repeated for separate while loops or the same name reused in a lambda(due to it being a separate namespace it does not affect the label or redefined the variable)

Lambda functions are also have their variables untouched, too. though it might be also complex due to them being used in .reduce( ) statements often in obfuscated code.

otherwise this is a great project and keeps it simple and clean. Most other forms of obfuscation should be directed towards the webcrack team.

<!-- gh-comment-id:2571491251 --> @Acters commented on GitHub (Jan 5, 2025): Since the LLMs are used to rename and "humanify" variables and function and the like. It would be nice if it can rename "Labeled statements" that is used for while or for loops. As of right now, they remain untouched. This feature might be a bit complex to do as I do notice some obfuscated JS files have the labels repeated for separate while loops or the same name reused in a lambda(due to it being a separate namespace it does not affect the label or redefined the variable) Lambda functions are also have their variables untouched, too. though it might be also complex due to them being used in `.reduce( )` statements often in obfuscated code. otherwise this is a great project and keeps it simple and clean. Most other forms of obfuscation should be directed towards the webcrack team.

kerem referenced this issue 2026-03-03 13:53:14 +03:00

[PR #62] [MERGED] Bump typescript-eslint from 8.2.0 to 8.3.0 #135

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

claude/rust-ast-rewrite-SjZI6

dependabot/npm_and_yarn/babel/types-7.29.0

dependabot/npm_and_yarn/globals-17.3.0

dependabot/npm_and_yarn/babel/core-7.29.0

dependabot/npm_and_yarn/commander-14.0.3

dependabot/npm_and_yarn/types/node-25.2.0

dependabot/npm_and_yarn/pkgroll-2.23.0

fix/tests

dependabot/npm_and_yarn/openai-6.17.0

dependabot/npm_and_yarn/typescript-eslint-8.54.0

dependabot/npm_and_yarn/node-llama-cpp-3.15.1

dependabot/npm_and_yarn/prettier-3.8.1

dependabot/npm_and_yarn/eslint-9.39.2

dependabot/npm_and_yarn/eslint/js-9.39.2

dependabot/npm_and_yarn/tsx-4.21.0

dependabot/npm_and_yarn/eslint-plugin-unused-imports-4.3.0

dependabot/npm_and_yarn/typescript-5.9.3

dependabot/npm_and_yarn/dotenv-17.2.3

dependabot/npm_and_yarn/ipull-4.0.3

dependabot/npm_and_yarn/google/generative-ai-0.24.1

ollama-support

add/github-azure-integration

v1

v2.2.2

v2.2.1

v2.2.0

v2.1.3

v2.1.2

v2.1.1

v2.1.0

v2.0.3

v2.0.2

v2.0.1

v2.0.0

v1.0

Labels

Clear labels   

bug

  

enhancement

  

pull-request

Mirrored from GitHub Pull Request

  

wontfix

No labels

bug

enhancement

pull-request

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/humanify#62

No description provided.