It isn’t a big deal anymore to find websites containing exploits often use a series of redirects and obfuscated code to make it more difficult for somebody to follow. There is a software that can save you from such pages known as Malzilla. Based on the Firefox JavaScript engine SpiderMonkey Malzilla is a tool for malware-hunters. It’s an open source software program for Windows that allows you to choose your own user agent and referrer, and has the ability to use proxies. It shows you the full source of webpages and all the HTTP headers. It gives you various decoders to try and deobfuscate javascript as well.

It displays a complete source code and the http header of the webpage in the interface. You can always view the webpage in text mode before opening the actual page on the site.  Some of the key features of Malzilla includes

  • JavaScript decoder
  • Decode Hex, USC2 and Base64
  • Link Parser
  • Clipboard Monitor
  • Hex Viewer
  • Note taking

After their latest upgrade they’re also offering

  • Tabbed Download and Decoder
  • Hacked SpiderMonkey (hacked eval() function)
  • Rewrite a lot of code in order to use hacked SpiderMonkey engine
  • Concatenate function in Misc Decoders
  • Format code (code beautifier)
  • Find objects (deal with pages that triggers exploits on HTML events like onLoad and similar)
  • Saving logs/cases (log actions, downloaded files etc.), for tracing infection through more pages/sites/servers.

Malzilla can be very helpful for analyzing webpages. It definitely eases the process of analysing and identifying webpages. You can download it from here