[2510.10066] OBsmith: LLM-Powered JavaScript Obfuscator Testing

Computer Science > Software Engineering arXiv:2510.10066 (cs) [Submitted on 11 Oct 2025 (v1), last revised 27 Feb 2026 (this version, v2)] Title:OBsmith: LLM-Powered JavaScript Obfuscator Testing Authors:Shan Jiang, Chenguang Zhu, Sarfraz Khurshid View a PDF of the paper titled OBsmith: LLM-Powered JavaScript Obfuscator Testing, by Shan Jiang and 2 other authors View PDF HTML (experimental) Abstract:JavaScript obfuscators are widely deployed to protect intellectual property and resist reverse engineering, yet their correctness has been largely overlooked compared to performance and resilience. Existing evaluations typically measure resistance to deobfuscation, leaving the critical question of whether obfuscators preserve program semantics unanswered. Incorrect transformations can silently alter functionality, compromise reliability, and erode security-undermining the very purpose of obfuscation. To address this gap, we present OBsmith, a novel framework to systematically test JavaScript obfuscators using large language models (LLMs). OBsmith leverages LLMs to generate program sketches abstract templates capturing diverse language constructs, idioms, and corner cases-which are instantiated into executable programs and subjected to obfuscation under different configurations. Besides LLM-powered sketching, OBsmith also employs a second source: automatic extraction of sketches from real programs. This extraction path enables more focused testing of project specific features an...