This repository contains a collection of robust AST-based (Abstract Syntax Tree) transformation scripts used to surgically deobfuscate, clean, and map minified/obfuscated React and Zustand codebases back to human-readable structures.
These tools were specifically developed to bypass complex javascript-obfuscator techniques, including opaque predicates, control flow flattening, and extreme identifier mangling within massive Webpack/Vite bundles (e.g., 6MB+ files).
-
Semantic React Hook Mapping (
rename_all_hooks.js)- Automatically maps mangled variables back to their semantic names by statically analyzing React Hook consumption (e.g., Zustand
useStoredestructuring and selectors). - Example: Transforms
const { userSession: q } = useAuthStore()across the entire AST to rename all instances ofqtouserSession.
- Automatically maps mangled variables back to their semantic names by statically analyzing React Hook consumption (e.g., Zustand
-
Recursive Proxy Inlining (
inline_all.js&inline_proxy_objects.js)- Eliminates "opaque predicate" proxies (giant
_0x...dictionary objects that hide strings and logical operators). - Automatically resolves indirect member lookups by inlining dictionary values and executing proxy functions locally.
- Runs recursively until the codebase reaches equilibrium (0 remaining proxy objects).
- Eliminates "opaque predicate" proxies (giant
-
Global Identifier Sweeps (
auto_rename_0x.js&sweep_globals.js)- Intelligently renames remaining mangled
_0x...identifiers depending on their AST node type (var1,fn2,param3). - Specifically handles edge-cases like undeclared global aliases (e.g.,
window,console) that minifiers strip declarations for, mapping them to a clean sequential registry (_global_1, etc.).
- Intelligently renames remaining mangled
-
Unicode Unescaping (
unescape_unicode.js)- Safely parses and converts
\uXXXXand\xXXobfuscated strings back to human-readable UTF-8 characters (e.g., Emojis, non-Latin alphabets like Thai). - Implements strict ASCII safety checks to prevent breaking string syntax (ignoring quotes, backslashes, and control characters).
- Safely parses and converts
-
Babel Export Patcher (
fix_exports.js)- Bypasses Babel strict mode
SyntaxErrorfailures during massive bundle transformations. - Programmatically identifies missing/ghost exports and injects dummy declarations, allowing deep AST parsing to continue without breaking bundle integrity.
- Bypasses Babel strict mode
- Node.js (v18+)
- Babel Toolchain:
@babel/parser,@babel/traverse,@babel/generator,@babel/types
npm install @babel/parser @babel/traverse @babel/generator @babel/typesTo fully deobfuscate a Webpack bundle, run the scripts in the following order:
- Semantic Hook Mapping:
node scripts/rename_all_hooks.js /path/to/obfuscated_bundle.js - Recursive Proxy Inlining:
node scripts/inline_all.js(Target directory should be configured in the script) - Handle Babel Export Errors (If encountered):
node scripts/fix_exports.js - Global Variable Sweep (Part 1):
node scripts/auto_rename_0x.js - Global Alias Sweep (Part 2):
node scripts/sweep_globals.js - String Unescaping:
node scripts/unescape_unicode.js
This toolkit strictly prioritizes AST Transformation over crude RegEx replacements.
By utilizing Babel's scope.getBinding() mechanism and scope traversal, the scripts ensure that local variable shadowing, nested scope closures, and React component integrity are perfectly maintained throughout the renaming process.
These tools are provided for educational purposes, security analysis, and legacy code recovery. Ensure you have the right to reverse-engineer or analyze the target application before using this toolkit.