CyberChef

Please note! This wiki is no longer maintained. Our documentation has moved to https://securityonion.net/docs/. Please update your bookmarks. You can find the latest version of this page at: https://securityonion.net/docs/CyberChef.

Description

From https://github.com/gchq/CyberChef :

The Cyber Swiss Army Knife CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character encodings, and much more.

The tool is designed to enable both technical and non-technical analysts to manipulate data in complex ways without having to deal with complex tools or algorithms. It was conceived, designed, built and incrementally improved by an analyst in their 10% innovation time over several years. Every effort has been made to structure the code in a readable and extendable format, however it should be noted that the analyst is not a professional developer.

Accessing

To access CyberChef:

• go to the main web page or your Security Onion master server and click the CyberChef hyperlink
  OR
  
• go directly to this URL (replacing SecurityOnion with the actual hostname or IP address of your Security Onion master server): https://SecurityOnion/cyberchef/cyberchef.htm