Firefox Built‑in AI Reverse Agent: A Reverse Engineering Workstation for JS/JSVMP/WASM
The Firefox‑Reverse tool adds an AI‑driven, non‑intrusive tracing agent to Firefox that can automatically or interactively reverse‑engineer JavaScript, JSVMP, and WebAssembly code, supporting multiple LLM backends and outputting standalone scripts or pure‑JS implementations.
Introduction
Firefox‑Reverse is an AI‑enabled reverse‑engineering workstation built into Firefox. It provides a generic JS/JSVMP/WASM/signature analysis environment that uses SpiderMonkey‑level non‑intrusive tracing to recover encrypted parameters as pure algorithms independent of the browser.
Project address: https://github.com/WhiteNightShadow/firefox-reverse
Usage
Download the appropriate release, unzip it, and open the AI sidebar. Click the Firefox‑Reverse tool icon (robot/reverse icon) in the right‑hand sidebar to open the Agent panel.
Configure the model: the agent supports DeepSeek, Zhipu GLM, Kimi (Moonshot), MiniMax, Qwen, Claude, OpenAI, or any custom endpoint compatible with the OpenAI/Anthropic API by providing baseUrl, token, and model name.
Two modes
Full automation – provide target interface/parameters and the agent runs end‑to‑end without intervention (suitable for unattended execution).
AI‑assisted – the agent proposes a plan, pauses after each stage, offers direction options, and lets the user approve before proceeding (useful for learning or complex targets).
Example
Describe the target using the following format; the more specific the information, the fewer detours the AI will take:
【站点URL】https://example.com/list # Page where the target request appears
【接口URL】GET https://example.com/api/v1/list?page=1 # Desired request to reproduce
【目标参数】X‑Sign header (signature). Include any dynamic parameters such as timestamps, device fingerprints, or tokens.
【输出目标】① Black‑box usable version: generate a Node.js script that reproduces the parameters independently.
② White‑box pure‑JS version: further reverse to a pure JavaScript implementation without original obfuscated code (optional).After submitting, the agent captures packets, locates the relevant code, supplements the environment, and validates the result. Generated artifacts—scripts, restored code, and notes—are saved in the work directory assigned to the session.
Project address: https://github.com/WhiteNightShadow/firefox-reverse
Source: 进击的HACK
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Black & White Path
We are the beacon of the cyber world, a stepping stone on the road to security.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.
