CyberChef – Cyber Swiss Army Knife
Its a brilliant tool, has replaced visiting 3 or 4 different mini sites to do some basic conversions etc..
EDIT: Other thing to note, is you can define, a set of operations, ex: https://gchq.github.io/CyberChef/#recipe=ROT13(true,true,13)
and get a shareable link
So much fun!
At first glance, only feature requests I might have added when I did this sort of work would be in for audio spectrographs in the multimedia section. Useful for finding stego, embedded thumbnails, hidden channels etc, and a generalized malicious ZIP parser that deals with the myriad of nasties packers can use.
The demand to scale this capability within an agency like that makes it worth while to build tools like this, wonder whatother easter eggs are in there beyond alert msgs.
Brits, so cheeky.
Wow I actually thought of building a tool similar to this for CTFs, specifically this feature:
https://github.com/gchq/CyberChef/wiki/Automatic-detection-o...
This is REALLY cool. Basically given an unknown string or file from something CTF-y you can run this tool on it to look for low-hanging fruit like it being e.g. base64 encoded.
https://github.com/usdAG/cstc this implements This as a burp plugin. A few Colleagues developed this and released it two weeks ago at defcon
It reminds me of SnD Reverser Tool[1], although compared to this, SnD RT has a bit more constrained scope in what it does, but it's also a standalone exe of just ~150KB. such a shame it's no longer being developed...
Cryptool is similar and I think older. At least I remember that I have used the desktop version in the 90s.
While I appreciate that they made a web version I think they scattered their efforts to create different versions too much so that the project suffered regarding features and quality.
What’s the CLI version of this? It’s too cumbersome to click around in a GUI.
This looks kind of neat (and not too dissimilar to my own software -- see bio), though I can't seem to make it work (or "Bake"?).
It also reminds me of OpenRefine, another very cool online data processing tool with a slightly different focus.
Some great operations in there. Especially [Other > XKCD Random Number]
https://gchq.github.io/CyberChef/#recipe=XKCD_Random_Number(... "RFC 1149.5 specifies 4 as the standard IEEE-vetted random number."
nice!
so is any of the input feeding back to GCHQ?
I use this a lot for basic things like base64 decoding. Of course, nothing you can't do with A.N. programming language, but handy for quick checks.
This tool is great. Very useful for CTFs
This is just about the greatest thing ever, thanks for sharing.
Really nice, thanks for sharing
Extremely cool.
great site, been using it for years
This is awesome! Not sure if OP put this together, but thank you.
This has been posted many times to HN [0]. Is there something making it newsworthy this time?
[0] https://hn.algolia.com/?query=cyberchef&sort=byPopularity&pr...
Why would anyone use a third-party web service to carry out cyber analysis? These tasks are easy enough to do/code.
It's funny looking at some of the contributors to this. Some of the accounts seem to be vague, single-duty accounts made for the express purpose of contributing code to CyberChef and nothing else. I admire their OPSEC
(From: https://github.com/gchq/CyberChef/graphs/contributors)
https://github.com/n1474335
https://github.com/j433866
https://github.com/d98762625
https://github.com/s2224834
https://github.com/GCHQ77703