🧑‍🍳 #CyberChef from @GCHQ is a popular #OpenSource tool to help analyse a wide variety of data. A case study in how it was open sourced. #oss #civictech #policing
https://www.gov.uk/government/case-studies/how-gchq-made-its-cyberchef-app-open-source
#cyberchef #opensource #oss #civictech #policing
@jsmall CyberChef is awesome! It's such a great tool for pulling things apart and detecting encodings. The xor brute force with a crib is a daily usage of mine.
I love the @binaryninja feature for doing in place transforms and the Ghidra feature for translation and memory overlays for deobfuscating data too. I use both in combination with CyberChef daily 🥳
Maybe I should build an extension to send data to CyberChef direct from Binja and Ghidra
#cyberchef #reverseengineering
3/ With #Cyberchef's "Change IP format", we can easily switch between formats.
I think this concept is fundamental to know and understand to assess the limitations in specific hunts better and avoid certain blind spots.
[1] https://twitter.com/mgreen27/status/1618538058701475840
[2] https://docs.velociraptor.app/exchange/artifacts/pages/publicip/
RT @eForensics_Mag@twitter.com
Learn how to use CyberChef - also known as the Cyber Swiss Army Knife! Encoding, encryption, compression, and data analysis are covered. https://bit.ly/2ZIXl4u #infosec #cybersecurity #redteam #Pentesting #hacking #hackers #coding #opensource #Linux #cyberchef #DataAnalytics
🐦🔗: https://twitter.com/eForensics_Mag/status/1605027709440077824
#infosec #cybersecurity #redteam #pentesting #hacking #hackers #coding #opensource #linux #cyberchef #dataanalytics
I expected #tryhackme #AdventOfCyber2022 to be some light fun, but instead I find it super useful for learning about tools I haven't heard of.
For example, #CyberChef. I have my fair share of experience piping together a handful of cli tools to solve similar extractions, and then here's this tool making the process much lighter.
Then there are others, where I didn't even know the problem they want to solve existed, like #Cetus.
Great fun!
#tryhackme #adventofcyber2022 #cyberchef #cetus
I have set myself the crazy challenge of attempting to complete #AdventOfCode using a different language or tool every day. Trying to leave my strongest options for harder challenges. No efforts made to be quick, performant, or readable!
So far, 10 days solved with #CyberChef, #WebAssembly, #PostgreSQL, #Bash, #Perl, #Postscript, #Lua, #OpenPolicyAgent, #QBasic, #GoogleSheets respectively.
#adventofcode #cyberchef #webassembly #postgresql #bash #perl #postscript #lua #openpolicyagent #qbasic #googlesheets
@taylorparizo I'm getting around to really diving into this and WOW - this is a great resource!!
@chmod777 extremely useful. Here's a list of 70 #CyberChef recipes.
https://github.com/mattnotmax/cyberchef-recipes
Yesterday's Advent of Cyber utilized CyberChef. Last night I completed a malware challenge in LetsDefend that also utilized CyberChef.
I'm starting to think this CyberChef is pretty useful :think_mind_blown:
#cyberchef #tryhackme #letsdefend
Oh man my brain really enjoyed the #cyberchef tool in Day 7 of #AdventOfCyber2022. I'd love to find more ways to practice using it.
Day 7 of the #TryHackMe #AdventOfCyber2022 challenge was a bit more technical than the first few. I got to familiarize myself with a new tool called #CyberChef that allows you to take a peek inside files and see what information you can glean from strings that exist and gives you tools to decode and undo any obfuscation that is being used in the case of malware.
The challenge just scratched the surface, but it was still interesting.
#tryhackme #adventofcyber2022 #cyberchef #infosec
#TryHackMe #AdventOfCyber2022 day 7
So today's task was to pick apart the malicious document we discovered during yesterday's Email Analysis.
We get a short intro into the tool #CyberChef and then start to analyze the file's contents.
I made a small mistake in one step and chose Base62 decode instead of Base64. So I got a lot of Asian characters instead of Latin ones. That was interesting and took me a bit to find what went wrong.
It was again a fun challenge today and I got to learn something new.
#tryhackme #adventofcyber2022 #cyberchef
Today was my first time playing with CyberChef thanks to today's Advent of Cyber challenge from THM. That was actually a lot of fun this morning knocking out that challenge!
#tryhackme #adventofcyber2022 #cyberchef
Dissecting a malicious attachment with a long recipe with #Cyberchef in day 7 of #AdventOfCyber2022 was an interesting experience. It also only took me 7 days to work out how to copy and paste from the virtual attack box, lol.
Ugly BASH scripts to build CyberChef now working with latest version (2022-11-11):
https://github.com/martinboller/cc-build
CyberChef - The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis.
@cymplecy CyberChef is a great tool for this kind of thing, in general - https://gchq.github.io/CyberChef/#recipe=URL_Decode()
#urldecode #cyberchef #DataManipulation
How to recognize possible #stealer? It tries to access sensitive files (e.g. browser cookies, credential stores, crypto wallets, steam keys) followed by the data upload.
One example: #Redline #stealer. Accessing sensitive data followed by data upload including list of user processes, passwords and screenshot.
#CyberChef recipe for extracting screenshot:
https://gchq.github.io/CyberChef/#recipe=To_Hex('None',0)Regular_expression('User%20defined','89504e470d0a1a0a.*49454e44ae42.%7B4%7D',true,true,false,false,false,false,'List%20matches')Render_Image('Hex')
#anyrun sample: https://app.any.run/tasks/39f5008c-b5c3-4917-ab0c-f3e48ac13dc9/
#stealer #redline #cyberchef #malware #dfir #infostealer #malwareanalysis #anyrun
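The recipe in the post above finds an image by its PNG signature and the `IEND` trailer. As an added example (not part of the original post), the same carving in Python, going one step further than the regex by walking the chunk list and checking each CRC so that truncated data or a stray signature is rejected; the sample PNG and buffers are constructed for the example.

```python
import struct
import zlib

PNG_SIG = bytes.fromhex("89504e470d0a1a0a")  # same signature the recipe's regex starts with


def _chunk(ctype: bytes, body: bytes) -> bytes:
    """Serialise one PNG chunk: length, type, data, CRC32 over type+data."""
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", zlib.crc32(ctype + body))


def make_sample_png() -> bytes:
    """Constructed 1x1 greyscale PNG used as sample input."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
    idat = zlib.compress(b"\x00\x00")  # filter byte + one pixel
    return PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", idat) + _chunk(b"IEND", b"")


def carve_pngs(blob: bytes) -> list:
    """Return every structurally valid PNG embedded in blob."""
    found = []
    start = blob.find(PNG_SIG)
    while start != -1:
        pos, end = start + len(PNG_SIG), None
        while pos + 12 <= len(blob):  # 12 = length + type + CRC of an empty chunk
            (length,) = struct.unpack(">I", blob[pos:pos + 4])
            ctype = blob[pos + 4:pos + 8]
            crc_at = pos + 8 + length
            if crc_at + 4 > len(blob):
                break  # chunk runs past the buffer: truncated image
            (crc,) = struct.unpack(">I", blob[crc_at:crc_at + 4])
            if crc != zlib.crc32(blob[pos + 4:crc_at]):
                break  # corrupt data or a false-positive signature
            pos = crc_at + 4
            if ctype == b"IEND":
                end = pos  # the recipe's regex stops at this same trailer
                break
        if end is not None:
            found.append(blob[start:end])
        # Resume after a carved image, or one byte on if this hit was invalid.
        start = blob.find(PNG_SIG, end if end is not None else start + 1)
    return found


if __name__ == "__main__":
    sample = b"constructed-upload-prefix" + make_sample_png() + b"trailing-fields"
    for i, png in enumerate(carve_pngs(sample)):
        print(f"image {i}: {len(png)} bytes")
```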