Hi. I am doing some research on JS and PHP code obfuscation. It seems that there are many methods to do this: base64, gz_inflate, etc. Custom algorithms could even be used for obfuscation purposes. I am simply overwhelmed by the number of obfuscation techniques.
I have two questions which I am unsure of:
1. How do we detect obfuscated code since there are so many algorithms that could be used?
2. How do we run obfuscated code? Do we need to de-obfuscate it first?
I apologise if my questions are amateur. I am just a beginner in Computer Security.