Today's tip is just purely based on some experiences I've had during testing. The gist is that some developers choose to render the application in such a way where obfuscation IS the security. So I will explain the scenario and then how to modify proxy options to uncover the obfuscated data.
It is true that you will eventually, when performing manual dynamic analysis, review the source code of every response. However, in my case, directly after building my site map I simply take a look and annotate the interesting finds and input that I may want to test.
To keep track of these annotations I prefer Dradis 2.3 and if you have any questions on using this tool might I suggest one of three routes. The first is to join the community Here. The second is to contact etd, the creator, on irc at irc.freenode.net on the #dradis channel. Lastly, etd is on twitter twitter.com/etdsoft and I highly suggest following him anyways!
Now in the 'match' field enter in the 'match' field this time and in the 'replace' field just leave this blank. When you are finished it should look like: