Skip to content

Deobfuscate various encodings that can be found in web logs.

Notifications You must be signed in to change notification settings

RandomRhythm/Web_Log_Deobfuscate

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Web-Log-Deobfuscate

Deobfuscate various encodings that can be found in web logs.

Web-Log-Deobfuscate can be used to deobfuscate files containing hex (0x), ASCII, Unicode percent encoded characters, and interpreted CHAR()/CHR() commands. The output will contain decoded text further revealing web attacks such as SQL injection. Input the log file and the script will output the deobfuscated log at the specified path.

Options:

  -h, --help            show this help message and exit
  
  -i STRINPUTFPATH, --input=STRINPUTFPATH
                        (Path to log file that will be deobfuscated)
                        
  -o STROUTPUTFPATH, --output=STROUTPUTFPATH
                        (Deobfuscated log output file path)

  -l, --loginteresting  Write interesting log entries identified with encoding
                        to a .interesting file)

Example:

process_logs.py -i .\Example_Logs\access.log -o .\Example_Logs\access.log.processed -l

This code was integrated into OWASP Access Log Parser