CyberChef: The Cyber Swiss Army Knife
A brief on CyberChef, the cyber Swiss army knife, and self-hosting options with Railway and Render.
Ever had to decode a base64-encoded string or manipulate a datetime and scrambled to find the right tools? Or maybe convert data from a hexdump, then decompress it? Security analysts will recognise that these are not necessarily difficult tasks, but definitely time consuming if you don't have the right environment or toolset. What if there was a tool that allowed you to perform such tasks in a browser? Well, CyberChef is exactly that tool. In this post, we'll discuss the capabilities of CyberChef, and how to self-host it on Railway or Render.
What is CyberChef?
CyberChef, by GCHQ, is a simple web application for performing cryptographic operations like encoding/decoding, calculating hashes/checksums, and more, in the browser itself. It is designed for technical and non-technical professionals, and helps manipulate data in various ways without having to learn complex algorithms, install the underlying binaries, or maintain special environments for the tools. A cyber Swiss army knife if you will! CyberChef runs entirely client-side, in the browser, and does not send data to any web server.
Here are some operations that you can perform with CyberChef:
- Encode a string in base64 format / decode a base64-encoded string
- Automatically detect layers of nested encodings
- Encrypt/decrypt data with AES/DES/Blowfish and other ciphers
- Convert data from hexdump, and decompress the data
- Convert date/time to a different timezone, display multiple timestamps
- Decrypt and disassemble shell code
- Save, load, and share recipes i.e. sequences of repeatable steps
Deploy CyberChef using One-Click Starter on Railway
Railway is a modern app hosting platform that makes it easy to deploy production-ready apps quickly. Sign up for an account using GitHub, and click Authorize Railway App when redirected. Review and agree to Railway's Terms of Service and Fair Use Policy if prompted. Railway does not offer an always-free plan anymore, but the free trial is good enough to try this. Launch the CyberChef one-click starter template (or click the button below) to deploy the app instantly on Railway.
Review the defaults and click Deploy; the deployment will kick off immediately.
Once the deployment completes, your own cyber Swiss army knife will be available at a default xxx.up.railway.app domain - launch this URL to access the app. If you are interested in setting up a custom domain, I covered it at length in a previous post - see the final section here.
Deploy CyberChef using Docker Image on Render
Render is another modern app hosting platform that makes it easy to deploy production-ready apps quickly. Sign up for an account using email or one of the Git providers, and create the CyberChef web service. Log in to the Render dashboard, and click New Web Service.
You can either deploy from the Infisical git repository, or from a registry image. Select the Deploy an existing image from a registry option and click Next.
If you don't see the second option, you may need to enable the Deploy from external registries feature from the Early Access section of your profile.
Provide the docker image location, and click Next.
Specify a name (say cyberchef) for your web service, choose the default Free plan, and click Next to create the web service. Shortly, the CyberChef app will be available at a default xxx.onrender.com domain. If you want to set up a custom domain, see this guide from Render.