DESA FAQ
Public-safe answers for deterministic encoded-script analysis and PowerShell deobfuscation.
Does DESA execute submitted scripts?
No. DESA performs deterministic static analysis only. It never invokes PowerShell, evals script content, runs decoded payloads, or automatically fetches URLs embedded inside a script.
Is public script paste analysis available without a key?
Yes. Phase 1 public-safe paste, upload, URL preview, decoding, IOC extraction, rules browsing, exports, and read-only MCP introspection are public by default.
What does PLATPHORM_API_KEY protect?
PLATPHORM_API_KEY is scaffolded for future protected backend services such as private persistence, bulk analysis, sync jobs, rule mutation, report generation, and sensitive audit operations.
Where is analysis history stored?
When backend storage is unavailable, DESA uses honest degraded server history and browser-local metadata history. Raw submitted scripts are not published in public discovery files or feeds.
Can DESA fetch a script from a URL?
Yes, for public-safe HTTP and HTTPS URLs only. URL fetches are size-limited, timeout-limited, do not follow redirects, and block localhost, private IPs, link-local, metadata, and internal network targets.