explaingit

gchq/cyberchef

Analysis updated 2026-06-20

34,769JavaScriptAudience · developerComplexity · 2/5LicenseSetup · easy

TLDR

CyberChef is a browser-based data transformation tool from GCHQ that lets you chain operations like encoding, encryption, hashing, and compression into shareable recipes, no installs, no data leaves your machine.

Mindmap

mindmap
  root((CyberChef))
    Encoding
      Base64
      Hex
      URL encoding
    Encryption
      AES
      DES
      Blowfish
    Hashing
      MD5
      SHA-1
      SHA-256
    Compression
      Gzip
      Format parsing
    Magic Mode
      Auto detect
      Nested decoding
    Sharing
      Save recipes
      URL encoding
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Decode and inspect a suspicious Base64-encoded payload from a phishing email without installing any tools.

USE CASE 2

Chain encoding, compression, and hashing steps into a reusable recipe to debug a data pipeline.

USE CASE 3

Reverse engineer an obfuscated script by running it through CyberChef's Magic auto-detection mode.

USE CASE 4

Verify that your app's encryption or hashing output matches the expected result by testing it in the browser.

What is it built with?

JavaScriptNode.jsHTMLBrowser API

How does it compare?

gchq/cyberchefryanhanwu/how-to-ask-questions-the-smart-waytypicode/husky
Stars34,76935,03435,035
LanguageJavaScriptJavaScriptJavaScript
Setup difficultyeasyeasyeasy
Complexity2/51/52/5
Audiencedeveloperdeveloperdeveloper

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · easy Time to first run · 5min

Open the hosted site at gchq.github.io/CyberChef or download the single HTML file and open it locally. No install required. Node.js API available via npm for scripted use.

Open source under the Apache 2.0 license, free to use, modify, and distribute, including in commercial products, as long as you include the license notice.

In plain English

CyberChef is a browser-based data transformation tool built by GCHQ, the UK's signals intelligence agency. The problem it solves is the everyday need analysts, security researchers, and developers have to convert, decode, encrypt, or inspect data in various formats without writing custom scripts or installing specialized software. Everything runs inside the browser, so no data ever leaves your machine and there is nothing to install. The interface works through a recipe concept. You drag operations from a searchable list into a central recipe panel, set any options for each operation, and then paste or drop your data into the input box on the right. CyberChef immediately processes your data through every step of the recipe and shows the result in an output box. You can chain any number of operations in sequence, for example, take a string, convert it from Base64 encoding, decompress it with gzip, and then calculate a SHA-256 hash of the result, all in one recipe. Recipes can be saved and shared via a URL that encodes the entire configuration. The operations library is extensive, covering encoding schemes like Base64, Hex, and URL encoding, symmetric encryption algorithms like AES, DES, and Blowfish, hashing algorithms like MD5, SHA-1, and SHA-256, compression formats, network protocol parsing, character set conversions, and many more. There is also an automatic detection mode called Magic that tries to identify and decode nested encoding schemes without you having to guess what they are. You would use CyberChef when analyzing a suspicious file, debugging a data pipeline, reverse engineering an obfuscated payload, verifying encryption, or whenever you need to quickly transform data between formats. It is a JavaScript application that can be used from the hosted site, run locally from a downloaded HTML file, or embedded in other applications via its Node.js API.

Copy-paste prompts

Prompt 1
I have a Base64-encoded string that may also be gzip-compressed. Using CyberChef's recipe model, what sequence of operations should I chain to fully decode it?
Prompt 2
Show me how to use CyberChef's Node.js API to programmatically run a recipe that takes a hex string, converts it to bytes, and outputs a SHA-256 hash.
Prompt 3
I want to embed CyberChef in my web app so users can transform data without leaving my site. How do I import and call it via its npm package?
Prompt 4
Using CyberChef, how do I build a recipe that decrypts AES-256-CBC ciphertext given a known key and IV, then decompresses the result?
Prompt 5
What CyberChef operations would help me analyze a suspicious file attachment, walk me through a triage recipe step by step.

Frequently asked questions

What is cyberchef?

CyberChef is a browser-based data transformation tool from GCHQ that lets you chain operations like encoding, encryption, hashing, and compression into shareable recipes, no installs, no data leaves your machine.

What language is cyberchef written in?

Mainly JavaScript. The stack also includes JavaScript, Node.js, HTML.

What license does cyberchef use?

Open source under the Apache 2.0 license, free to use, modify, and distribute, including in commercial products, as long as you include the license notice.

How hard is cyberchef to set up?

Setup difficulty is rated easy, with roughly 5min to a first successful run.

Who is cyberchef for?

Mainly developer.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Scan in gitsafehub Deploy in gitdeployhub gchq on gitmyhub

Verify against the repo before relying on details.