Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

UK’s GCHQ Spy Agency Launches Open Source Data Analysis Tool

The U.K. Government Communications Headquarters (GCHQ) on Monday announced the launch of a new open source web tool designed for analyzing and decoding data.

The U.K. Government Communications Headquarters (GCHQ) on Monday announced the launch of a new open source web tool designed for analyzing and decoding data.

Named CyberChef, the tool is advertised by the intelligence agency as a “Cyber Swiss Army Knife.” It uses a simple interface with a drag-and-drop feature to allow both technical and non-technical people to analyze encryption, compression and decompression, and data formats.

The organization expects it to be useful not only to professionals in the cybersecurity industry, but to anyone involved in data analysis, including mathematicians, analysts, software developers and even casual puzzle solvers.

Users can, for example, convert data from a hexdump, display timestamps as a full date, decode Base64 strings, parse Teredo IPv6 addresses, and manipulate different types of data.

For the time being, CyberChef runs in Chrome and Firefox, but GCHQ hopes contributors will make the app compatible with Microsoft Edge as well. There is no intention of making it compatible with Internet Explorer.CyberChef tool launched by GCHQ

The source code and a demo have been made available on GitHub. The agency pointed out that the tool is not complete and has encouraged developers to contribute as much as possible.

“It is hoped that by releasing CyberChef through Github, contributions can be added which can be rolled out into future versions of the tool, and is an excellent example of GCHQ providing a platform on which to base cybersecurity operations,” GCHQ said.

CyberChef is the latest of several cyber security initiatives announced recently by the British spy agency, including the launch of a new National Cyber Security Center (NCSC), and the certification of Master’s and Bachelor’s degrees in cyber security.

Several other interesting open source security tools have been released in the past period, including by Pwnie Express, Google, Facebook, Yahoo, Netflix and Twitter.

Related Reading: Britain’s GCHQ Spies Are on Twitter, Officially

Related Reading: Attackers Increasingly Abuse Open Source Security Tools

Related Reading: Running in Front of the Open Source Parade

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Funding/M&A

Identity and access governance vendor Saviynt has closed a $205 million financing round.

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture

ICS/OT

Security orchestration, automation and response (SOAR) provider Swimlane on Monday announced the launch of a security automation solution ecosystem for operational technology (OT) environments.

ICS/OT

The White House announced on Wednesday that the Industrial Control Systems (ICS) Cybersecurity Initiative has been expanded to include the chemical sector.

Data Protection

Artificial intelligence is more artificial than intelligent.

Incident Response

Created and maintained by MITRE, MITRE D3FEND is a framework that provides a library of defensive cybersecurity countermeasures and technical components to help organizations...