bl4d3rvnner7/php-deobfuscator — reverse-engineered prompt

Build me a simple command line PHP tool that can take an obfuscated PHP file, or a small phishing kit folder, and turn it into clean readable runnable PHP. I want it to work from the real syntax tree, not fragile text replacements, so it can safely decode hex and octal strings, fold obvious constant expressions, resolve weird variable indirection through $GLOBALS and local helper variables, remove the fake setup lines and dead assignments, and pretty print the cleaned result to a new file with a sensible name.

It should also be able to unwrap common packed payloads like eval with compressed or base64 encoded content, optionally follow local include and require files so names defined in one file can be resolved in another, and keep looping until no more cleanup is possible. Please add an option to generate short heuristic docblocks above functions that summarize things like request fields used and side effects such as mail, network calls, file writes, redirects, or sessions. A readable console summary of what changed would be great. Look up current parser docs online if you need to.