Skip to main content

CyberChef

CyberChef is GCHQ's open-source web application for data transformation, widely known as "The Cyber Swiss Army Knife." Hawkra embeds CyberChef v10.19.4 directly into the platform, giving you access to hundreds of data encoding, decoding, encryption, and analysis operations without leaving your browser or switching to an external tool.

CyberChef embedded in Hawkra

How It Works

CyberChef is embedded in an isolated, sandboxed iframe. All processing happens locally -- no data leaves your browser.

Common Security Testing Use Cases

CyberChef is particularly useful during penetration testing and vulnerability analysis for tasks that involve transforming, encoding, or analyzing data.

Encoding and Decoding

  • Base64 -- Encode and decode Base64 strings, commonly found in HTTP headers, JWT tokens, and encoded payloads.
  • URL Encoding -- Encode and decode URL-encoded strings for testing web application input handling and parameter tampering.
  • Hex -- Convert between hexadecimal and raw bytes for analyzing binary protocols, shellcode, or memory dumps.
  • HTML Entities -- Encode and decode HTML entities for XSS payload development and analysis.

Hashing

  • MD5 -- Generate MD5 hashes for file integrity checks or password hash comparison.
  • SHA-1 -- Compute SHA-1 digests for certificate fingerprinting and integrity verification.
  • SHA-256 -- Generate SHA-256 hashes for secure file verification and comparing against known-good hashes.
  • HMAC -- Compute keyed-hash message authentication codes for API signature verification.

Encryption and Decryption

  • AES -- Encrypt and decrypt data using AES with various modes (CBC, ECB, GCM) and key sizes for testing application encryption implementations.
  • XOR -- Apply XOR operations with single-byte or multi-byte keys, commonly used for deobfuscating malware payloads and simple ciphers.
  • DES / Triple DES -- Work with legacy encryption schemes still found in older systems.
  • RSA -- Perform RSA operations for testing public-key cryptography implementations.

Data Extraction

  • Regular Expressions -- Extract patterns from text, such as IP addresses, email addresses, URLs, or file paths from logs and output.
  • JSON Parsing -- Pretty-print, minify, or extract values from JSON payloads returned by APIs.
  • XML Parsing -- Format and extract data from XML responses and SOAP payloads.
  • Extract Files -- Carve embedded files from binary data streams.

Format Conversion

  • Character Encoding -- Convert between UTF-8, ASCII, Latin-1, and other character encodings.
  • Timestamp Conversion -- Convert between Unix timestamps, ISO 8601, and human-readable date formats.
  • Number Base Conversion -- Convert between decimal, hexadecimal, octal, and binary representations.
  • JWT Decode -- Decode and inspect JSON Web Token headers and payloads without verification.

Available Module Categories

CyberChef organizes its operations into categories. The following modules are available in the embedded version:

ModuleExamples
HashingMD5, SHA-1, SHA-256, SHA-512, HMAC, RIPEMD, CRC
CryptoAES, DES, RSA, Blowfish, RC4, Rabbit
CiphersROT13, Vigenere, Affine, Atbash, Bifid
EncodingBase64, Hex, URL, HTML, Unicode, Morse Code
CodeJavaScript, Python, PHP beautify and minify, syntax highlighting
ChartsScatter plots, hex density, frequency distribution
CompressionGzip, Bzip2, Zlib, Deflate, LZString
ImageConvert to/from Base64, render hex as image, extract EXIF
OCROptical character recognition from image data
PGPPGP encrypt, decrypt, sign, verify
RegexPattern matching, extraction, replacement
SerializationJSON, XML, YAML, MessagePack, Protobuf
URLParse URLs, encode/decode components, extract query parameters
YARAWrite and test YARA rules against input data

Key Actions

ActionHow
Open CyberChefClick CyberChef in the top navigation bar
Build a recipeDrag operations from the left panel into the Recipe area
Transform dataPaste data into Input; view results in Output
Chain operationsAdd multiple operations to Recipe; they execute top to bottom
Save a recipeUse CyberChef's built-in save/load recipe feature
Clear everythingClear the Input, Recipe, and Output panels to start fresh