Discussion about this post

User's avatar
وليد نعيم بن رفيق مجاهد's avatar

Interesting article. I'm going to have to look over my projects and see where AI might be relevant.

I am most fascinated by this statement: "AI helps analyze JavaScript, identify API endpoints, and reverse-engineer request payloads."

Can you provide a more detailed case where you've done this? At the moment I'm imagining somehow feeding network logs and compressed/ofuscated javascript to some LLM and somehow it figuring things out. But maybe that's not how it works? How would you use AI in the website reverse engineering process?

For me it's all manual, and I actually enjoy the process manually. I love living in the preformance flame graphs and debugger in devtools, plus building xhr requests deobfuscating sections of javascript that seem relevant, following evals through, etc. I feel a bit fearful of a tool taking that "fun" away, but having tools (custom or otherwise) that could help could definitely help me make money, so it's a balance I think. At the same time, if there was a record and replay style software (preferably open source) that somehow utilised AI, that would be fascinating to study and use for more scaled up projects for where "fun" wears out quickly.

Expand full comment
4 more comments...

No posts