The Cyber Swiss Army Knife
I always try to make my daily work easier. That’s why I like to use some tools that help me during the workday. Everyone use online tools or some IDE features. One of the tools I use is called CyberChef. I am not a developer of this tool, only like what they do.
What exactly is CyberChef
CyberChef is a web application that can help you with a huge amount of functionality.
In short they describe the application as The Cyber Swiss Army Knife.
A bit more detailed description directly taken from the GitHub-Page
CyberChef is a simple, intuitive web app for carrying out all manner of “cyber” operations within a web browser. These operations include simple encoding like XOR and Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character encodings, and much more.
The tool is designed to enable both technical and non-technical analysts to manipulate data in complex ways without having to deal with complex tools or algorithms. It was conceived, designed, built and incrementally improved by an analyst in their 10% innovation time over several years.*
How this tool can help you
- Have you ever pasted some one liner JSON with maybe sensitive data into an unknown webpage because you wanted to have a nice formatted version of that JSON content?
- Have you ever entered a password into an input field on a webpage to convert it into a SHA3 hash? Maybe the most of us have done this. Hopefully not with some in production used passwords.
- Maybe not a feature that a developer needs, but as a hobby photographer sometimes I need to extract EXIF data from images. So I don’t need a photo editor for this small task.
Did you recognize yourself here? Than maybe this tool is one of the tools you should use in the future and continue reading here.
Where to find and how to install
Head over to the GitHub-Page. Grab the newest CyberChef_vX.XX.X.zip file from the releases, unzip and start the CyberChef_vX.XX.X.html file. That’s it. You are ready to go. There is also a live demo page where you can try the app without downloading.
What are the concepts you need to know
Before we start with an easy example, I want to describe the two main concepts used by the app.
- Operation: An operation is nothing else than a special function that processes an input. Almost any function can be parameterized somehow.
- Recipe: A recipe consists of at least one operation. It’s also possible to bring more operations into a sequence. In that case the output of the first operation will be the input for the second operation, the output of the second operation will be the input for the third operation, and so forth.
How to use it
I choose a simple example to demonstrate the base workflow by beautifying a JSON. You can follow the steps to create your first Recipe.
1. Search for the operation you want to execute. I searched here for json to find the JSON Beautify operation.
2. Drag and drop the operation to the Recipe area or double click it.
3. Input the value you want to process.
4. Verify that Auto Bake is activated or hit the green BAKE! button.
5. The result of the recipe will be displayed in the Output area.
Congratulation! You just processed some data by using an Operation.
There are some examples on the readme startpage on GitHub in the How it works area. Take a look for more already prepared (more complex) Recipes.
Why I like that tool
CyberChef can work completely offline. I have not recognized any network traffic from the browser to any outside URL. I like the intuitive interface with the drag & drop feature. The Favorites area is also nice so I can group the most used so called operations. Operations can be executed one after another by dragging more operations into the Recipe area.
For me one of the most important things is, that I don’t need to paste sensitive data into an unknown webpage.
Take a look at the Features list for a complete overview.
What I used the app for so far is only the tip of the iceberg. It can do a lot more stuff than formatting JSON or converting passwords into SHA3 hashes. I haven’t dug too deep into this web app, but when I read through the main categories like Forensics, Code tidy or Date/Time I can imagine it can do lot more nice things.
I hope you found this short Blogpost useful and the tool might help you in your daily work.