Announcing VMware Carbon Black Cloud Script Deobfuscation API
Posted on July 17, 2023
Script-based attacks are commonly used to gain entry into systems and to move laterally to inflict damage. The latest Script Deobfuscation API allows users to deobfuscate obfuscated PowerShell scripts. Deobfuscation increases an analyst’s efficiency when analyzing malicious scripts.
- Automatically deobfuscating PowerShell is not something that is generally and automatically available in industry.
- Deobfuscation of PowerShell opens the doors to understanding attackers better and faster than manually deobfuscating
- This API allows customers to automatically extract previously difficult information from a PowerShell script, and also deobfuscating and returning a more human readable version.
Note: This was initially released under the internal name Reveal and updated shortly after to Script Deobfuscation API.