Cyber security

CyberChef Server – A Comprehensive Guide To Setting Up And Using A CyberChef API

CyberChef has a useful Node.js API, but sometimes we want to be able to programmatically run CyberChef recipes in languages other than JavaScript.

By running this server, you can use CyberChef operations in any language, as long as you can communicate via HTTP.

Example Use

Assuming you’ve downloaded the repository and are running it locally:

curl -X POST -H "Content-Type:application/json" -d '{"input":"... ---:.-.. --- -. --. --..--:.- -. -..:- .... .- -. -.- ...:..-. --- .-.:.- .-.. .-..:- .... .:..-. .. ... ....", "recipe":{"op":"from morse code", "args": {"wordDelimiter": "Colon"}}}' localhost:3000/bake

response

{
    value: "SO LONG, AND THANKS FOR ALL THE FISH",
    type: "string"
}

Features

  • Compatible with recipes saved from CyberChef. After using CyberChef to experiment and find a suitable recipe, the exported recipe JSON can be used to post to the /bake endpoint. Just copy/paste it in as your recipe property as part of the POST body.

Installing

  • Clone the repository
  • cd into the project and run npm install
  • Run npm run
  • In a browser, navigate to localhost:3000 to see usage documentation.

Docker

A Docker image can be built, then run by doing the following:

  • git clone https://github.com/gchq/CyberChef-server
  • cd CyberChef-server
  • docker build -t cyberchef-server .
  • docker run -it --rm --name=cyberchef-server -p 3000:3000 cyberchef-server

For more information click here.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

Vermilion : Mastering Linux Post-Exploitation For Red Team Success

Vermilion is a simple and lightweight CLI tool designed for rapid collection, and optional exfiltration…

1 day ago

AD-CS-Forest-Exploiter : Mastering Security Through PowerShell For AD CS Misconfiguration

ADCFFS is a PowerShell script that can be used to exploit the AD CS container…

1 day ago

Usage Of Tartufo – A Comprehensive Guide To Securing Your Git Repositories

Tartufo will, by default, scan the entire history of a git repository for any text…

1 day ago

Loco : A Rails-Inspired Framework For Rust Developers

Loco is strongly inspired by Rails. If you know Rails and Rust, you'll feel at…

2 days ago

Monolith : The Ultimate Tool For Storing Entire Web Pages As Single HTML Files

A data hoarder’s dream come true: bundle any web page into a single HTML file.…

2 days ago