Back to Blogs

Announcing VMware Carbon Black Cloud Script Deobfuscation API

Posted on July 17, 2023

Script-based attacks are commonly used to gain entry into systems and to move laterally to inflict damage. The latest Script Deobfuscation API allows users to deobfuscate obfuscated PowerShell scripts. Deobfuscation increases an analyst’s efficiency when analyzing malicious scripts.

Use Cases

  • Automatically deobfuscating PowerShell is not something that is generally and automatically available in industry.
  • Deobfuscation of PowerShell opens the doors to understanding attackers better and faster than manually deobfuscating
  • This API allows customers to automatically extract previously difficult information from a PowerShell script, and also deobfuscating and returning a more human readable version.

Note: This was initially released under the internal name Reveal and updated shortly after to Script Deobfuscation API.

More Information

Have questions or feedback?

  • Subscribe to the Developer Network Newsletter