تشغيل أي مهارة في Manus بنقرة واحدة

re-js-app

Reverse engineer and deobfuscate bundled JavaScript/Electron applications. Extracts DMG/AppImage/pkg archives, unpacks app.asar, deobfuscates webpack/Vite/browserify bundles with scope-aware Babel-based variable renaming, and outputs readable source code. Use when the user wants to reverse engineer, deobfuscate, unminify, or analyze a bundled JS application (Electron, web app, Node.js), extract readable source from minified bundles, unpack app.asar, or understand how a third-party JS app works internally.

تشغيل في Manus

نظرة عامة

أمر التثبيت

npx skills add https://github.com/aresbit/MateBot --skill re-js-app

انسخ والصق هذا الأمر في Claude Code لتثبيت المهارة

المصدر

aresbit/MateBot

النجوم٤٧

التفرعات٦

آخر تحديث٢ مايو ٢٠٢٦ في ٠٥:٥١

مستكشف الملفات

5 ملفات

SKILL.md

readonly

name

re-js-app

description

JS App Reverse Engineer

Deobfuscate bundled JavaScript applications: extract archives, unpack asar, deobfuscate webpack/Vite bundles with scope-aware renaming.

Pipeline

Archive (.dmg/.AppImage/.pkg) → 7z extraction → .app → npx asar extract → JS
  → webcrack (unpack + format) → deobfuscate.js (scope rename) → readable source

Phase 1: Extract

DMG (macOS)

7zz x -y App.dmg          # Use 7zz 24.09+, not old p7zip
# Find: App.app/Contents/Resources/app.asar

AppImage (Linux)

./App.AppImage --appimage-extract
# Find: squashfs-root/resources/app.asar

pkg (macOS flat package)

pkgutil --expand App.pkg extracted_pkg/
# Or: xar -xf App.pkg && gunzip -c Payload | cpio -i

Extract asar

npx asar extract app.asar extracted_app
# For native modules, keep them unpacked:
npx asar extract app.asar extracted_app --unpack '*.node'

Common output structure:

extracted_app/
├── out/              # Bundled JS (main/ + client/)
├── node_modules/     # Server-side node_modules (framework clues)
├── package.json      # Dependencies, Electron version
└── resources/        # Icons, assets

Phase 2: Identify Bundle Type

Look at the JS output to determine the bundler:

Pattern	Bundler	Strategy
`__webpack_require__`, `webpackChunk`	webpack	Full webcrack pass
`__vite__mapDeps`, `_app/immutable/chunks/`	Vite/SvelteKit	webcrack format, skip chunk rename
`__esModule`, `Object.defineProperty(exports`	TypeScript/esbuild	webcrack + deobfuscate
`require("./chunk-")`, `__browserify_`	browserify	webcrack unpack

Phase 3: webcrack

npm install -g webcrack
webcrack input.js -o output_dir/

webcrack handles: webpack unpacking, JSX transpilation, string array deobfuscation, control flow unminify, formatting. Output file: output_dir/deobfuscated.js.

Phase 4: Scope-Aware Rename (deobfuscate.js)

cd <skill-dir>
npm install @babel/parser @babel/traverse @babel/generator @babel/types
node scripts/deobfuscate.js <webcrack_output.js> [output.js]

This script performs three scope-aware passes:

Import alias rename: import { BrowserWindow as n } → _BrowserWindow. Only triggers when imported name is meaningful (>2 chars) and local name is short (<4 chars). Uses Babel scope.rename() to avoid cross-scope conflicts.
Webpack factory param rename: (e, t) => { t.exports = ... } → (module_, exports_). Detects factory pattern by checking for exports property assignment and require("literal") calls. Only applies within the factory function scope.
Utility pattern rename: var se = Object.create → var Object_create = Object.create. Renames at program scope.

Phase 5: Statistical Local Variable Rename (rename-locals.js)

node scripts/rename-locals.js <deobfuscated.js> [output.js]

Heuristic-based local variable renaming using context analysis:

Type detection: .push()/.forEach() → array, .replace() → string, .then() → Promise
Role detection: new X() → constructor, X++ → counter/index, typeof X=="function" → callback
Assignment source: X = require("y") → module, X = path.join() → filePath, X = Object.keys() → propNames
Param position: (err, result) callback convention, (req, res) pattern
Scope neighbor context: If nearby binding is "callback", this one is likely also a callback

Key Files to Target

File	Size	Content
`main/index.js`	200-500KB	Main process: IPC handlers, window management, tray, menus
`client/*.js` or `_app/`	1-10MB	Renderer/UI bundle (SvelteKit/React/Vue)
`preload.js`	1-50KB	Preload script: contextBridge API exposure
`*.node`	Binary	Native addons (skip, not JS)

Reading the Output

Import lines = API surface:

import { BrowserWindow as _BrowserWindow, ipcMain as _ipcMain } from "electron";

Webpack module boundaries:

var SomeModule = wrapper((module_, exports_) => {
  exports_.exports = { someExport };
});

IPC handlers = main↔renderer communication:

_ipcMain.handle("channel-name", (event, input) => { ... });

Naming convention:

_Xxx — Import alias, restored from original name
module_/exports_/require_ — Webpack factory params
Short names remaining after Phase 4 — Application-level locals (need Phase 5 or manual reading)

Resources

scripts/deobfuscate.js — Scope-aware variable renamer (Phase 4 runner)
scripts/rename-locals.js — Statistical local variable renamer (Phase 5 runner)
references/api-patterns.md — Electron/Node.js API method catalog for heuristic matching
references/workflow.md — Detailed step-by-step workflow with troubleshooting

المزيد من هذا المستودع

نفس المستودع

hm-framework-skill

aresbit/MateBot

OpenHarmony (鸿蒙) 服务层/框架层代码仓库架构与命名规范领域知识。适用于识别、导航、分析和创建符合 OpenHarmony 分层架构标准的代码仓库。当用户需要以下任一场景时使用此 Skill： (1) 分析 OpenHarmony 服务层或框架层代码仓库的目录结构与命名约定， (2) 判断一个仓库是否符合 OpenHarmony foundation 分层架构规范（subsystem/component 路径模式）， (3) 理解 bundle.json 组件描述符与 GN 构建系统的路径映射关系， (4) 在 OpenHarmony 项目内新增组件、服务或接口时遵循正确的命名格式, (5) 理解 frameworks/ vs services/ vs interfaces/ vs common/ 的分层职责边界。

2026-05-2047

macos2linuxapp

aresbit/MateBot

Convert a macOS Electron app (from .dmg) into a runnable Linux Electron app. Use when the user needs to port a macOS-only Electron desktop application to Linux, build a .deb/.rpm package from a macOS DMG, patch app.asar for Linux window behavior, or fix startup crashes after such conversion (e.g., missing chunks, t.join errors, transparent background flickering, deb dependency issues).

2026-05-0547

skill-creator

aresbit/MateBot

Create new skills, modify and improve existing skills, and measure skill performance. Use when users want to create a skill from scratch, edit, or optimize an existing skill, run evals to test a skill, benchmark skill performance with variance analysis, or optimize a skill's description for better triggering accuracy.

2026-05-0247

zig

aresbit/MateBot

Up-to-date Zig programming language patterns for version 0.16.0. Use when writing, reviewing, or debugging Zig code, working with build.zig and build.zig.zon files, or using comptime metaprogramming. Critical for avoiding outdated patterns from training data - especially build system APIs (root_module instead of root_source_file), I/O APIs (buffered writer pattern), container initialization (.empty/.init), allocator selection (DebugAllocator), and removed language features (@Type, @cImport, async/await, usingnamespace).

2026-04-2647

wsl-proxy-fix

aresbit/MateBot

Fix WSL git proxy connection errors (Failed to connect to 127.0.0.1 port 7890)

2026-04-2247

lecture-skill

aresbit/MateBot

CS 课程系统性学习 Skill。融合横纵分析法与结构化写作质检体系，用于深度学习一门计算机科学课程（含 lecture notes、syllabus、paper list），最终输出一份结构完整、有个人洞察的学习报告。触发词包括但不限于：学习这门课、帮我梳理一下这个课程、研究一下这门 CS 课程、输出学习报告、课程分析、lecture notes 整理、帮我搞懂这门课。适用于用户丢来一个课程主页（如 https://cs.brown.edu/courses/csci1650/）说"帮我学习一下"或"帮我写个学习报告"的场景。不要用于简单名词解释（如"什么是 OS"），也不要用于写公众号文章。

2026-04-1547

المصدر

aresbit

aresbit/MateBot

فتح مستودع GitHub عرض مستودعات المنشئ

أمر التثبيت

تنزيل

تشغيل في Manus

مفيد لـSOC

مطوّرو البرمجياتمهن الحاسوب والرياضيات15-1252L4

name

re-js-app

description

JS App Reverse Engineer

Deobfuscate bundled JavaScript applications: extract archives, unpack asar, deobfuscate webpack/Vite bundles with scope-aware renaming.

Pipeline

Archive (.dmg/.AppImage/.pkg) → 7z extraction → .app → npx asar extract → JS
  → webcrack (unpack + format) → deobfuscate.js (scope rename) → readable source

Phase 1: Extract

DMG (macOS)

7zz x -y App.dmg          # Use 7zz 24.09+, not old p7zip
# Find: App.app/Contents/Resources/app.asar

AppImage (Linux)

./App.AppImage --appimage-extract
# Find: squashfs-root/resources/app.asar

pkg (macOS flat package)

pkgutil --expand App.pkg extracted_pkg/
# Or: xar -xf App.pkg && gunzip -c Payload | cpio -i

Extract asar

npx asar extract app.asar extracted_app
# For native modules, keep them unpacked:
npx asar extract app.asar extracted_app --unpack '*.node'

Common output structure:

extracted_app/
├── out/              # Bundled JS (main/ + client/)
├── node_modules/     # Server-side node_modules (framework clues)
├── package.json      # Dependencies, Electron version
└── resources/        # Icons, assets

Phase 2: Identify Bundle Type

Look at the JS output to determine the bundler:

Pattern	Bundler	Strategy
`__webpack_require__`, `webpackChunk`	webpack	Full webcrack pass
`__vite__mapDeps`, `_app/immutable/chunks/`	Vite/SvelteKit	webcrack format, skip chunk rename
`__esModule`, `Object.defineProperty(exports`	TypeScript/esbuild	webcrack + deobfuscate
`require("./chunk-")`, `__browserify_`	browserify	webcrack unpack

Phase 3: webcrack

npm install -g webcrack
webcrack input.js -o output_dir/

webcrack handles: webpack unpacking, JSX transpilation, string array deobfuscation, control flow unminify, formatting. Output file: output_dir/deobfuscated.js.

Phase 4: Scope-Aware Rename (deobfuscate.js)

cd <skill-dir>
npm install @babel/parser @babel/traverse @babel/generator @babel/types
node scripts/deobfuscate.js <webcrack_output.js> [output.js]

This script performs three scope-aware passes:

Import alias rename: import { BrowserWindow as n } → _BrowserWindow. Only triggers when imported name is meaningful (>2 chars) and local name is short (<4 chars). Uses Babel scope.rename() to avoid cross-scope conflicts.
Webpack factory param rename: (e, t) => { t.exports = ... } → (module_, exports_). Detects factory pattern by checking for exports property assignment and require("literal") calls. Only applies within the factory function scope.
Utility pattern rename: var se = Object.create → var Object_create = Object.create. Renames at program scope.

Phase 5: Statistical Local Variable Rename (rename-locals.js)

node scripts/rename-locals.js <deobfuscated.js> [output.js]

Heuristic-based local variable renaming using context analysis:

Type detection: .push()/.forEach() → array, .replace() → string, .then() → Promise
Role detection: new X() → constructor, X++ → counter/index, typeof X=="function" → callback
Assignment source: X = require("y") → module, X = path.join() → filePath, X = Object.keys() → propNames
Param position: (err, result) callback convention, (req, res) pattern
Scope neighbor context: If nearby binding is "callback", this one is likely also a callback

Key Files to Target

File	Size	Content
`main/index.js`	200-500KB	Main process: IPC handlers, window management, tray, menus
`client/*.js` or `_app/`	1-10MB	Renderer/UI bundle (SvelteKit/React/Vue)
`preload.js`	1-50KB	Preload script: contextBridge API exposure
`*.node`	Binary	Native addons (skip, not JS)

Reading the Output

Import lines = API surface:

import { BrowserWindow as _BrowserWindow, ipcMain as _ipcMain } from "electron";

Webpack module boundaries:

var SomeModule = wrapper((module_, exports_) => {
  exports_.exports = { someExport };
});

IPC handlers = main↔renderer communication:

_ipcMain.handle("channel-name", (event, input) => { ... });

Naming convention:

_Xxx — Import alias, restored from original name
module_/exports_/require_ — Webpack factory params
Short names remaining after Phase 4 — Application-level locals (need Phase 5 or manual reading)

Resources

scripts/deobfuscate.js — Scope-aware variable renamer (Phase 4 runner)
scripts/rename-locals.js — Statistical local variable renamer (Phase 5 runner)
references/api-patterns.md — Electron/Node.js API method catalog for heuristic matching
references/workflow.md — Detailed step-by-step workflow with troubleshooting