CyberChef
alerts investigations events tools
CyberChef is considered The Cyber Swiss Army Knife and is an open-source tool that is used extensively by Cyber Security Professionals. CyberChef makes it simple for users to carry out both simple and complex data manipulation tasks within a web browser such as:
- Decode encoded data, such as base64 or XOR
- Perform data conversions, such as timezones
- Decrypt and disassemble shellcode
- Compress and decompress data
- Calculate hashes and checksums
You can also create and save recipes for later usage. For more details on what the tool can do and examples of how it can be used, please reference the CyberChef Documentation.
Accessing CyberChef in XDR ⫘
Open CyberChef from either the Tools navigation menu or from within an Investigation Details page under the right-hand utility tray.
CyberChef from Tools Menu
CyberChef within Investigation Details
Using CyberChef ⫘
Here is an example of how to use CyberChef to decode base64 data.
- Open CyberChef from either the Tools menu or from within an Investigation.
- Drag and drop the From Base64 recipe.
- Copy and paste your encoded data into the Input field.
- Watch as your recipe automatically decodes the data and displays it in the Output field.
CyberChef Base64 Decode