CyberChef: The Cyber Swiss Army Knife

Ever had to decode a base64-encoded string or manipulate a datetime and scrambled to find the right tools? Or maybe convert data from a hexdump, then decompress it? Security analysts will recognise that these are not necessarily difficult tasks, but definitely time consuming if you don't have the right environment or toolset. What if there was a tool that allowed you to perform such tasks in a browser? Well, CyberChef is exactly that tool. In this post, we'll discuss the capabilities of CyberChef, and how to self-host it on Railway or Render.

What is CyberChef?

CyberChef, by GCHQ, is a simple web application for performing cryptographic operations like encoding/decoding, calculating hashes/checksums, and more, in the browser itself. It is designed for technical and non-technical professionals, and helps manipulate data in various ways without having to learn complex algorithms, install the underlying binaries, or maintain special environments for the tools. A cyber Swiss army knife if you will! CyberChef runs entirely client-side, in the browser, and does not send data to any web server.

Here are some operations that you can perform with CyberChef:

  • Encode a string in base64 format / decode a base64-encoded string
  • Automatically detect layers of nested encodings
  • Encrypt/decrypt data with AES/DES/Blowfish and other ciphers
  • Convert data from hexdump, and decompress the data
  • Convert date/time to a different timezone, display multiple timestamps
  • Decrypt and disassemble shell code
  • Save, load, and share recipes i.e. sequences of repeatable steps

Deploy CyberChef using One-Click Starter on Railway

Railway is a modern app hosting platform that makes it easy to deploy production-ready apps quickly. Sign up for an account using GitHub, and click Authorize Railway App when redirected. Review and agree to Railway's Terms of Service and Fair Use Policy if prompted. Railway does not offer an always-free plan anymore, but the free trial is good enough to try this. Launch the CyberChef one-click starter template (or click the button below) to deploy the app instantly on Railway.

Review the defaults and click Deploy; the deployment will kick off immediately.

Deploy CyberChef using one-click template on Railway

Once the deployment completes, your own cyber Swiss army knife will be available at a default xxx.up.railway.app domain - launch this URL to access the app. If you are interested in setting up a custom domain, I covered it at length in a previous post - see the final section here.

CyberChef deployed on Railway

Deploy CyberChef using Docker Image on Render

Render is another modern app hosting platform that makes it easy to deploy production-ready apps quickly. Sign up for an account using email or one of the Git providers, and create the CyberChef web service. Log in to the Render dashboard, and click New Web Service.

Create new web service on Render

You can either deploy from the Infisical git repository, or from a registry image. Select the Deploy an existing image from a registry option and click Next.

Deploy existing docker image

If you don't see the second option, you may need to enable the Deploy from external registries feature from the Early Access section of your profile.

Enable early access features in Render

Provide the docker image location, and click Next.

Create web service from a docker image

Specify a name (say cyberchef) for your web service, choose the default Free plan, and click Next to create the web service. Shortly, the CyberChef app will be available at a default xxx.onrender.com domain. If you want to set up a custom domain, see this guide from Render.