CyberChef – The Cyber Swiss Army Knife

CyberChef is a simple modern web application that can be used for analysis, encoding/decoding data without interacting with complex algorithms. Programming languages or tools. It is easy to use and can be understood by both technical & non-technical people.

According to CyberChef, there are around 200 useful operations in CyberChef for anyone working on anything vaguely Internet-related, whether you just want to convert a timestamp to a different format, decompress gzipped data, create a SHA3 hash, or parse an X.509 certificate to find out who issued it. 

It is expected that CyberChef will be useful for cybersecurity and antivirus companies. It should also appeal to the academic world and any individuals or companies involved in the analysis of digital data, be that software developers, analysts, mathematicians, or casual puzzle solvers.





Keyboard Shortcuts (Key bindings)

Command

Shortcut(Win/Linux)

Shortcut (Mac)

Place Cursor in the search field

Ctrl+Alt+f

Ctrl+Opt+f

Place Cursor in the input box

Ctrl+Alt+i

Ctrl+Opt+i

Place Cursor in the output box

Ctrl+Alt+i

Ctrl+Opt+i

Place Cursor in first argument field of the next operation in the recipe

Ctrl+Alt+o

Ctrl+Opt+o

Place Cursor in first argument field of the nth  operation in the recipe

Ctrl+Alt+[1-9]

Ctrl+Opt+[1-9]

Disable current operation

Ctrl+Alt+d

Ctrl+Opt+d

Set/clear breakpoint

Ctrl+Alt+b

Ctrl+Opt+b

Bake

Ctrl+Alt+Space

Ctrl+Opt+Space

Step

Ctrl+Alt+’

Ctrl+Opt+’

Clear recipe

Ctrl+Alt+c

Ctrl+Opt+c

Save to file

Ctrl+Alt+s

Ctrl+Opt+s

Load recipe

Ctrl+Alt+l

Ctrl+Opt+l

Move output to input

Ctrl+Alt+m

Ctrl+Opt+m


Tools Provided by CyberChef

  1. Data Formats, such as Hex, Base64, Binary, Octal, Decimal, etc.
  2. Encryption/Encoding, such as AES, DES, Blowfish, RC2, RC4, Enigma, Bombe, etc.
  3. Public Key, such as PEM to Hex, Hex to PEM, PGP Encrypt & Decrypt, etc.
  4. Arithmetic Logic, Networking, Forensics, and a variety of tools to explore.
  5. We will look at some of the tools of CyberChef and the rest of the tools can be self-explored after little practice and understanding.

To use CyberChef Visit:


CyberChef

CyberChef is a versatile web application for all kinds of cyber operations, from encoding and decoding to data analysis and transformation. Explore its features to streamline your cybersecurity workflows.



Base 64 Encoding/ Decoding

Base64 is a notation for encoding arbitrary byte data using a restricted set of symbols that can be conveniently used by humans and processed by computers.


Base 64 Encoding

  • Open CyberChef & Drag To Base 64 under Favorites or Data Format Menu and Drop it under the Recipe Section. 
  • Under the Recipe Section, you can choose a different Base64 Algorithm, by default standard, is set. 
  • By default, Auto Bake is enabled which dynamically reflects changes in output for provided input if the Recipe is changed. 
  • You can untick Auto Bake & do it manually as well. 
  • Under Input, the Section provides a string to encode. 
  • You will get a Base64 encoded string under the Output section.

Refer to the below image to understand the whole process.

cyber-chef base64


Base64 Decoding

  • Open CyberChef & Drag From Base 64 under Favorites or Data Format Menu and Drop it under the Recipe Section. 
  • Under the Recipe Section, you can choose a different Base64 Algorithm by default standard is set. 
  • By default, Auto Bake is enabled which dynamically reflects changes in for provided input if the Recipe is changed. You can untick Auto Bake & do it manually as well. 
  • Under the Input Section, provide Base64 string to decode. 
  • You will get a Plain-Text string under the Output section. 

Refer to the below image to understand the whole process.

base64 de


AES Encryption/Decryption

Advanced Encryption Standard (AES) is a U.S. Federal Information Processing Standard (FIPS). It was selected after a 5-year process where 15 competing designs were evaluated.

Key: The following algorithms will be used based on the size of the key:

16 bytes = AES-128

24 bytes = AES-192

32 bytes = AES-256

You can generate a password-based key using one of the KDF operations.


  • IV: The Initialization Vector should be 16 bytes long. If not entered, it will default to 16 null bytes.
  • Padding: In CBC and ECB mode, PKCS#7 padding will be used.
  • GCM Tag: This field is ignored unless 'GCM' mode is used & it is used while decryption.


AES Encryption

  • Open CyberChef & Drag AES Encrypt present under the Encoding Encryption Menu and Drop it under the Recipe Section. 
  • Under the Recipe Section, provide Key & IV. (According to standard sue & IV is optional)
  • By default, Auto Bake is enabled which dynamically reflects changes in output for provided input if the Recipe is changed. 
  • You can untick Auto Bake & do it manually as well. 
  • Under the Input Section, provide a plain-text string to encode. 
  • You will get an AES Encrypted string under the Output section. 
Refer to the below image to understand the whole process.



Follow similar steps for AES Decryption . Instead of AES Encrypt, select AES Decrypt & Provide AES String as Input Key IV Input.

AES


Hex to PEM

Converts a hexadecimal DER (Distinguished Encoding Rules) string into PEM (Privacy Enhanced Mail) format.

  • Open CyberChef & Drag Hex to PEM present under the Public Key Menu and Drop it under the Recipe Section.
  • Under the Recipe Section, provide the Header String.
  • By default, Auto Bake is enabled which dynamically reflects changes in output for provided input if the Recipe is changed. 
  • You can untick Auto Bake & do it manually as well.
  • Under the Input Section, provide a HEX to convert into PEM.
  • You will get a PEM string under the Output section. 

Refer to the below image to understand the whole process (the example shows the use of plain text.)

HEX2PEM

Generate QR Code

  • Generates a Quick Response (OR) code from the input text.
  • A QR code is a type of matrix barcode (or two-dimensional barcode) first designed in 1994 for the automotive industry in Japan. A barcode is a machine-readable optical label that contains information about the item to which it is attached.
  • Open CyberChef & Drag Generate QR Code present under the Other Menu and Drop it under the Recipe Section.
  • Under the Recipe Section, provide arguments that are Image Format, Module Size Margin & Error Correction.
  • By default, Auto Bake is enabled which dynamically reflects changes in Output for provided input if The recipe is changed You can untick Auto Bake & do it manually as well.
  • Under Input, the Section provides a Plain-Text String to get a QR Code.

You will get a QR Code under the Output section.

qr

There are tons of other tools present in CyberChef that are worth spending time with and exploring. It is highly recommended to practice each of them. They are sometimes useful while playing Capture the Flags, doing investigations, or performing a penetration test. With practice, you will get an in-depth understanding of each & every tool.


Tags

You may like these posts

Show more

Post a Comment

0 Comments
* Please Don't Spam Here. All the Comments are Reviewed by Admin.

If you have any doubts or any queries you can specify here.

#buttons=(Ok, Go it!) #days=(20)

Our website uses cookies to enhance your experience. Learn More
Ok, Go it!