CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character encodings, and much more.
The Polarity CyberChef Integration allows you to leverage much of CyberChefs functionality by searching for any string on demand and enables you build out recipes based on the data you search.
> Important: When installing NPM
dependencies, please install using the command npm run install
instead of the typical npm install
.
Add your CyberChef Url to open up the CyberChef dashboard for full functionality. (e.g. https://gchq.github.io/CyberChef)
When checked, strings searched that do not immediately have a Magic suggestion will not be displayed in the overlay.
When checked, strings searched that are one of our predefined entity types (IPv4, IPv6, IPv4CIDR, MD5, SHA1, SHA256, MAC, string, email, domain, url, and cve) will not be displayed in the overlay.
If checked, when you search a string by default the Magic Function's first recommended Operation will be applied to your input. No Operation wil be applied if the Magic Function has no suggestions.
By default, you can find the results for each step of your recipe when expanding on the Operation's title. If the step results are getting too long you can check this to make only the final output visible in the overlay.
The minimum text input length for a string to be considered Input.
This is a list of the Favourites that will show up when you initially search for operations.
NOTE: Currently we are excluding a few Features and Operations on the current version of the integration that we plan on implementing and improving in future versions, including:
- Saving and Loading Recipes
- Improving searching Operations and the Magic Suggestions
- We are currently excluding Control Flow Operations including
Comment, Conditional Jump, Fork, Jump, Label, Merge, Register, Return, Subsection
- We are also excluding the Operations
AES Decrypt, AES Encrypt, Bombe, Colossus, Enigma, Lorenz, Multiple Bombe, Parse DateTime, RSA Decrypt, RSA Encrypt, SHA2, Tar, Translate DateTime Format, Zip
for the time being.If you feel like any of the current limitations are inhibiting your workflows, please reach out to
[email protected]
about what kinds of things you would like added so we can work to include those in our next release!
- Google Timestamp: https://github.com/mattnotmax/cyberchef-recipes#recipe-6---google-ei-timestamp
- CharCode: https://github.com/mattnotmax/cyberchef-recipes#recipe-3---from-charcode
- Powershell: https://github.com/mattnotmax/cyberchef-recipes#recipe-14---decoding-poshc2-executables
- https://github.com/mattnotmax/cyberchef-recipes
- https://www.networkdefense.co/courses/cyberchef/ - Matt Weiner
Polarity is a memory-augmentation platform that improves and accelerates analyst decision making. For more information about the Polarity platform please see: