{"id":18827238,"url":"https://github.com/thomasleplus/cyberchef-recipes","last_synced_at":"2026-01-26T19:32:37.173Z","repository":{"id":198768821,"uuid":"701500120","full_name":"thomasleplus/cyberchef-recipes","owner":"thomasleplus","description":"A few useful CyberChef recipes.","archived":false,"fork":false,"pushed_at":"2024-09-22T04:21:02.000Z","size":24,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2024-12-30T05:44:01.802Z","etag":null,"topics":["bookmarks","cyberchef","cyberchef-recipes","cybersecurity","links"],"latest_commit_sha":null,"homepage":"https://gchq.github.io/CyberChef/","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/thomasleplus.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-10-06T19:15:39.000Z","updated_at":"2024-11-13T08:13:24.000Z","dependencies_parsed_at":"2023-10-12T05:08:00.063Z","dependency_job_id":null,"html_url":"https://github.com/thomasleplus/cyberchef-recipes","commit_stats":null,"previous_names":["thomasleplus/cyberchef-recipes"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thomasleplus%2Fcyberchef-recipes","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thomasleplus%2Fcyberchef-recipes/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thomasleplus%2Fcyberchef-recipes/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thomasleplus%2Fcyberchef-recipes/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/thomasleplus","download_url":"https://codeload.github.com/thomasleplus/cyberchef-recipes/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239763654,"owners_count":19692812,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bookmarks","cyberchef","cyberchef-recipes","cybersecurity","links"],"created_at":"2024-11-08T01:13:25.169Z","updated_at":"2026-01-26T19:32:37.166Z","avatar_url":"https://github.com/thomasleplus.png","language":null,"readme":"# cyberchef-recipes\n\nA few useful CyberChef recipes.\n\n## JWT Decode\n\nThis is the recipe to decode a JWT token. The steps are:\n\n1. URL decoding\n2. Base64 decoding (for each section)\n3. Remove the signature blob\n4. JSON formating (easier to read)\n\n[Try it!](\u003chttps://gchq.github.io/CyberChef/#recipe=URL_Decode(true)Fork('.','%5C%5Cn',false)From_Base64('A-Za-z0-9%2B/%3D',true,false)Filter('Line%20feed','%5E%7B.*%7D$',false)JSON_Beautify('%20%20%20%20',false,true)\u0026input=ZXlKaGJHY2lPaUpJVXpJMU5pSXNJblI1Y0NJNklrcFhWQ0o5LmV5SnpkV0lpT2lJeE1qTTBOVFkzT0Rrd0lpd2libUZ0WlNJNklrcHZhRzRnUkc5bElpd2lhV0YwSWpveE5URTJNak01TURJeWZRLlNmbEt4d1JKU01lS0tGMlFUNGZ3cE1lSmYzNlBPazZ5SlZfYWRRc3N3NWM\u003e)\n\n[jwt.io](https://jwt.io/) is probably a better alternative but the\nabove recipe can be a starting point if you're going to do further\noperations on the decoded JWT.\n\n## SAML Decode\n\nThis is the recipe to decode a SAML assertion. The steps are:\n\n1. URL decoding\n2. Base64 decoding\n3. Decompression\n4. XML formating (easier to read)\n\n[Try it!](\u003chttps://gchq.github.io/CyberChef/#recipe=URL_Decode(true)From_Base64('A-Za-z0-9%2B/%3D',true,false)Raw_Inflate(0,0,'Adaptive',false,true)XML_Beautify('')Syntax_highlighter('auto%20detect')\u0026input=aFpKQmI5c3dESVglMkZpcWE3N2RobzBreUlVMlFOaWdib05xOXhkOWhsa0dXbTFpcExzU2pGN2IlMkJ2N0tSYmh3SFpsU0slMkZSNzNIeGRWenE4Z0JMRXFqYzVyR0UwcEFDMU5MJTJGWmpUaCUyRkltbXRPcjVRSjVxN0k5VzNuWDZIdm9QS0FqWVZBak83N2sxRnZOREVlSlRQTVdrRG5CdHF2UGR5eUxKMnh2alRQQ0tFcFdpR0Jka0xvMkduMExkZ3YySUFVODNOJTJGbHRIRnVqeXhKZUZDSkc4OTdrRUlaWDhmQ3RHUFJ5MlNRU3did1B5UksxbUVycWJrYmZ6TEFBcXZwWGFqRzA3U0hhdVQ0TUphRWhXb3ZYRExpRXdIYWVmdVNnTUFQeWp4S2ZkdkhYQXdZU202TUZUQiUyQk82YzdyaEFvMmF4eiUyQnRNMTJaT3FaN3JyZURkVDFhSHFVOUYxVDVXcXMlMkZZU20xOVRlZmtjV3JIZ2lQSUFmNFlSUFd3ME9xNWRUck5KT28lMkZTTk1wbTVlUWpTMU0ybmNjWEY3TWZsQlFueXo1SmZZemluTCUyRlZzUW5aYlZrV1VmRjFXMUx5JTJGUzNTMEVCUEFiSlIzYjVQN2p5WXY1bE1sMmZEV1NUdiUyQmIlMkZQNVVzQWJ0YUZVVks4a0pWU3ByJTJCMndGMXd3MWtQbzdrdGQlMkJkWEdDcXlqblpqSzNPV2E1UWhMMHEyeFlEJTJGNXJtU093bjJQJTJCZERrJTJCVnB5YiUyQnZlUGtL\u003e)\n\n## AWS Log Event\n\nThis is the recipe to decode a raw AWS Log Event. The steps are:\n\n1. Base64 decoding\n2. Decompression\n3. JSON formating (easier to read)\n\n[Try it!](\u003chttps://gchq.github.io/CyberChef/#recipe=From_Base64('A-Za-z0-9%2B/%3D',false,false)Gunzip()JSON_Beautify('%20%20%20%20',false,true)\u0026input=SDRzSUFGUnBtbWdBLzVXUVQwK0VNQkRGdjh1Y01aYi83dDZxRkx6c2lUMXBOZzNxUUpwUVN0cWlNWVR2emxnMUdtL2VwdS8zT24xOUsyaDByaHZ3L0Q0akhLSGlaeTVQb20xNUl5QUM4emFoSlRsTzBpd3Z5cHNEaXhPU1J6TTAxaXd6RVdjMFNqckxJUWlCdGQ1aXB3aytrUDNuNHRkMHpXL3ZLbEZmTmZma2RzdVRlN1pxOXNwTXRSbzlXZ2ZIeDgrdHY1bnNBNFJMZUVDODR1US9qQ3VvbHoveC9qTlJBSytvQU45cCtrdGM1dGtoSzlLMFlJeEYzOFhRK3Q0WTJDN2JEbHc0aGQ4c0FRQUE\u003e)\n\n## ROT8000\n\nThis one is not really a recipe but more of a fun operation that I\ncontributed to the CyberChef project. ROT8000 is a [Caesar\ncipher](https://en.wikipedia.org/wiki/Caesar_cipher) shifting\ncharacters by 8000 in the Unicode charset, the same way\n[ROT13](https://en.wikipedia.org/wiki/ROT13) shifts latin characters\nby 13 in the latin alphabet. Also similarly to ROT13, ROT8000 is an\ninvolution meaning that if you apply it twice, you end up with the\noriginal plaintext message (in other words the ciphering and\ndeciphering functions are the same). A more detailed description of\nthe ROT8000 function can be found on its inventor's\n[page](https://rot8000.com/info). **This is not encryption nor secure\nin any way, shape or form! Use it just for fun.**\n\nCoincidently, with ROT8000 latin characters typically end up in the\nChinese symbol section of the Unicode charset. So latin text ciphered\nwith ROT8000 looks like Chinese text to a casual observer (unless you\ncan read Chinese and then it's pretty obvious that the text is\ngibberish). In this recipe you can see an example and if you enable\nthe second ROT8000 function in the recipe you can see how the text\ngets deciphered back to its original plaintext:\n\n[Try it!](\u003chttps://gchq.github.io/CyberChef/#recipe=ROT8000()ROT8000(/disabled)\u0026input=VGhlIHF1aWNrIGJyb3duIGZveCBqdW1wcyBvdmVyIHRoZSBsYXp5IGRvZy4\u0026oenc=65001\u003e)\n\n## Contributing\n\nPlease read [CONTRIBUTING.md](CONTRIBUTING.md) for details on our code of conduct and the process for submitting pull requests.\n\n## Security\n\nPlease read [SECURITY.md](SECURITY.md) for details on our security policy and how to report security vulnerabilities.\n\n## Code of Conduct\n\nPlease read [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md) for details on our code of conduct.\n\n## License\n\nThis project is licensed under the terms of the [LICENSE](LICENSE) file.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthomasleplus%2Fcyberchef-recipes","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fthomasleplus%2Fcyberchef-recipes","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthomasleplus%2Fcyberchef-recipes/lists"}