To evade static analysis, the document body can returned with each character rotated by
some fixed amount in the response where JavaScript can decode it and append it to the DOM.
This helps defeat simple scanners which don't evaluate JavaScript.
Detects an obfuscation technique found being used
by a phishing kit where it appends the content of
the parent tag into the `data-content` attribute
with the data being encoded using ASCII values to
evade static analysis.
To evade static analysis, the document body can returned hex encoded in the response
where JavaScript can decode it and append it to the DOM.
This helps defeat simple scanners which don't evaluate JavaScript.
`testcookie-nginx-module` is a basic anti-bot mechanism using a JavaScript-based challenge to defeat simple analysis by sandboxes which don't evaluate JavaScript.
To evade static analysis, the document body can returned base64 encoded in the response
where JavaScript can decode it and append it to the DOM.
This helps defeat simple scanners which don't evaluate JavaScript.
Detects an obfuscation technique found being used
by a TrustWallet phishing kit where it appends several
repeating groups of characters to the class attribute
of all HTML elements in the page.
To evade static analysis, the document body can be wrapped in several
JavaScript functions such as `decodeURIComponent` and `atob` in order
to evade analysis.
This helps defeat simple scanners which don't evaluate JavaScript.