Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

UK’s GCHQ Spy Agency Launches Open Source Data Analysis Tool

The U.K. Government Communications Headquarters (GCHQ) on Monday announced the launch of a new open source web tool designed for analyzing and decoding data.

The U.K. Government Communications Headquarters (GCHQ) on Monday announced the launch of a new open source web tool designed for analyzing and decoding data.

Named CyberChef, the tool is advertised by the intelligence agency as a “Cyber Swiss Army Knife.” It uses a simple interface with a drag-and-drop feature to allow both technical and non-technical people to analyze encryption, compression and decompression, and data formats.

The organization expects it to be useful not only to professionals in the cybersecurity industry, but to anyone involved in data analysis, including mathematicians, analysts, software developers and even casual puzzle solvers.

Users can, for example, convert data from a hexdump, display timestamps as a full date, decode Base64 strings, parse Teredo IPv6 addresses, and manipulate different types of data.

For the time being, CyberChef runs in Chrome and Firefox, but GCHQ hopes contributors will make the app compatible with Microsoft Edge as well. There is no intention of making it compatible with Internet Explorer.CyberChef tool launched by GCHQ

The source code and a demo have been made available on GitHub. The agency pointed out that the tool is not complete and has encouraged developers to contribute as much as possible.

“It is hoped that by releasing CyberChef through Github, contributions can be added which can be rolled out into future versions of the tool, and is an excellent example of GCHQ providing a platform on which to base cybersecurity operations,” GCHQ said.

CyberChef is the latest of several cyber security initiatives announced recently by the British spy agency, including the launch of a new National Cyber Security Center (NCSC), and the certification of Master’s and Bachelor’s degrees in cyber security.

Several other interesting open source security tools have been released in the past period, including by Pwnie Express, Google, Facebook, Yahoo, Netflix and Twitter.

Advertisement. Scroll to continue reading.

Related Reading: Britain’s GCHQ Spies Are on Twitter, Officially

Related Reading: Attackers Increasingly Abuse Open Source Security Tools

Related Reading: Running in Front of the Open Source Parade

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Security Infrastructure

Security vendor consolidation is picking up steam with good reason. Everyone wants to improve security efficiency and effectiveness while paying for less.

Management & Strategy

Hundreds of companies are showcasing their products and services this week at the 2023 edition of the RSA Conference in San Francisco.

Cloud Security

The term ‘zero trust’ is now used so much and so widely that it has almost lost its meaning.

Security Infrastructure

Instead of deploying new point products, CISOs should consider sourcing technologies from vendors that develop products designed to work together as part of a...

Security Infrastructure

Comcast jumps into the enterprise cybersecurity business, betting that its internal security tools and inventions can find traction in an expanding marketplace.

Audits

The PCI Security Standards Council (SSC), the organization that oversees the Payment Card Industry Data Security Standard (PCI DSS), this week announced the release...

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture