├── malware-analysis └── com-scriptlet-1 │ ├── extract-base64.chef │ └── README.md ├── other └── php-gzinflate │ ├── gzinflate.chef │ └── README.md ├── README.md └── LICENSE /malware-analysis/com-scriptlet-1/extract-base64.chef: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /other/php-gzinflate/gzinflate.chef: -------------------------------------------------------------------------------- 1 | Raw_Inflate(0,0,'Block',false,false) -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # cyber-chef-recipes 2 | Recipes for GCHQ's [CyberChef](https://github.com/gchq/CyberChef) Web App 3 | 4 | ## Online Version of CyberChef 5 | 6 | https://gchq.github.io/CyberChef/ 7 | -------------------------------------------------------------------------------- /malware-analysis/com-scriptlet-1/README.md: -------------------------------------------------------------------------------- 1 | Decodes multiple layers of Base64, ZIP compressed content and disassembles the contained executable 2 | 3 | See 4 | https://twitter.com/JohnLaTwC/status/1062419803304976385 -------------------------------------------------------------------------------- /other/php-gzinflate/README.md: -------------------------------------------------------------------------------- 1 | Techhelplist 2 | 3 | php's gzinflate == cyberchef's Raw Inflate with settings : 4 | - start index 0 5 | - initial output 0 6 | - buffer expansion Block 7 | - don't resize buffer 8 | 9 | thx @DCWebGuy 10 | 11 | https://twitter.com/Techhelplistcom/status/1062422462284095488 -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | This is free and unencumbered software released into the public domain. 2 | 3 | Anyone is free to copy, modify, publish, use, compile, sell, or 4 | distribute this software, either in source code form or as a compiled 5 | binary, for any purpose, commercial or non-commercial, and by any 6 | means. 7 | 8 | In jurisdictions that recognize copyright laws, the author or authors 9 | of this software dedicate any and all copyright interest in the 10 | software to the public domain. We make this dedication for the benefit 11 | of the public at large and to the detriment of our heirs and 12 | successors. We intend this dedication to be an overt act of 13 | relinquishment in perpetuity of all present and future rights to this 14 | software under copyright law. 15 | 16 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 17 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 18 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 19 | IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR 20 | OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, 21 | ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR 22 | OTHER DEALINGS IN THE SOFTWARE. 23 | 24 | For more information, please refer to 25 | --------------------------------------------------------------------------------