Chepy : A Python lib/cli Equivalent Of The Awesome CyberChef Tool

Chepy is a python library with a handy cli that is aimed to mirror some of the capabilities of CyberChef. A reasonable amount of effort was put behind it to make it compatible to the various functionalities that CyberChef offers, all in a pure Pythonic manner.

There are some key advantages and disadvantages that it has over Cyberchef. The Cyberchef concept of stacking different modules is kept alive in Chepy.

There is still a long way to go for it as it does not offer every single ability of Cyberchef.

Example

For all usage and examples, see the docs.

It has a stacking mechanism similar to Cyberchef. For example, this in Cyberchef:

This is equivalent to

from chepy import Chepy

file_path = “/tmp/demo/encoding”

print(
Chepy(file_path)
.load_file()
.reverse()
.rot_13()
.base64_decode()
.base32_decode()
.hexdump_to_str()
.o
)

Also Read – ShuffleDNS : Wrapper Around Massdns Written In Go To Enumerate Valid Subdomains Using Active Bruteforce

Chepy vs Cyberchef

Advantages

  • It is pure python with a supporting and accessible python api
  • It has a CLI
  • It CLI has full autocompletion.
  • Supports pe, elf, and other various file format specific parsing.
  • Extendable via plugins
  • Infinitely scalable as it can leverage the full Python library.
  • It can interface with the full Cyberchef web app to a certain degree. It is easy to move from Chepy to Cyberchef if need be.
  • Its python library is significantly faster than the Cyberchef Node library.
  • Works with HTTP/S requests without CORS issues.

Disadvantages

  • It is not a web app (at least for now).
  • It does not offer every single thing that Cyberchef does
  • It does not have the magic method (at the moment)

Installation

It can be installed in a few ways.

Pypi

pip3 install chepy
# optionally with extra requirements
pip3 install chepy[extras]

Git

git clone –recursive https://github.com/securisec/chepy.git
cd chepy
pip3 install -e .
# I use -e here so that if I update later with git pull, I dont have it install it again (unless dependencies have changed)

Docker

docker run –rm -ti -v $PWD:/data securisec/chepy “some string” [somefile, “another string”]

Standalone binary

One can build it to be a standalone binary also. This includes packaging all the dependencies together.

git clone https://github.com/securisec/chepy.git
cd chepy
pip install .
pip install pyinstaller
pyinstaller cli.py –name chepy –onefile

The binary will be in the dist/ folder.

Plugins

Check here for plugins docs

.. toctree::
:maxdepth: 3
:caption: Contents:
usage.md
examples.md
cli.rst
chepy.md
core.md
modules.rst
extras.rst
plugins.md
pullrequest.md
config.md
faq.md

Indices and tables
==================
:ref:genindex
:ref:modindex
:ref:search

Download
R K

Share
Published by
R K
Tags: ChepyCLICyberCheflibPython
5 years ago

Recent Posts

Bomber : Navigating Security Vulnerabilities In SBOMs

bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor…

4 hours ago

EmbedPayloadInPng : A Guide To Embedding And Extracting Encrypted Payloads In PNG Files

Embed a payload within a PNG file by splitting the payload across multiple IDAT sections.…

4 hours ago

Exploit Street – Navigating The New Terrain Of Windows LPEs

Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local…

2 days ago

ShadowDumper – Advanced Techniques For LSASS Memory Extraction

Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…

3 days ago

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

2 weeks ago

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

3 weeks ago