jsunpack-n emulates browser functionality when visiting a URL. It's purpose is to detect exploits that target browser and browser plug-in vulnerabilities. It accepts many different types of input:
$ ./jsunpackn.py -u URL Optionally, you can specify the -a option, which fetches further decoded URLs or paths. If you wish to decode a local file instead, you can simply run:
$ ./jsunpackn.py samples/sample-pdf.file Other samples of malicious files exist within the samples directory.
One common problem running jsunpack-n is when there is no output. This means that there are no signature matches but it could mean that the file was decoded. You have the choice to use -v (verbose) or -V (veryverbose) to get more information in case jsunpack-n outputs nothing.