Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

aeondave/cyberchef

Name: cyberchef
Author: aeondave

offensive-tools/cryptography/cyberchef/SKILL.md

npx skillsauth add aeondave/malskill cyberchef

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

CyberChef

CyberChef is ideal for rapid transformation pipelines: decode, inspect, branch, and iterate without writing throwaway scripts first.

Core use in crypto/reversing

Unwrap nested encodings (Base64/Hex/URL/gzip/rot/XOR).
Test candidate keys/IVs quickly for block/stream ciphers.
Analyze unknown blobs via Magic before custom code.
Export reproducible recipes through URL hash or saved JSON.

High-value workflow

Load input (text, hex dump, file).
Start with Magic and inspect suggestions.
Build explicit recipe chain (avoid blind overfitting).
Add breakpoints and step through each operation.
Export URL/recipe JSON for reproducibility and script handoff.

Deep-link format

CyberChef supports URL recipes:

https://gchq.github.io/CyberChef/#recipe=<Ops>&input=<Base64Input>

This is useful for teammate handoff and agent reproducibility.

Local/offline options

Browser app is client-side by design.
For isolated environments, run local Docker image and use local browser access.

Automation bridge

When recipe stabilizes and must be automated at scale:

Move from web recipe to CyberChef Node API (chef.bake) or to Python equivalents.
Keep operation order and arguments identical.

Browser interaction note

CyberChef is a web-first tool. If interactive browser steps are required and cannot be executed automatically in the current environment, request user-assisted interaction (e.g., upload input blob, verify candidate recipe output).

Resources

references/web-workflows.md — practical browser workflow, Magic usage, breakpoints, recipe sharing, and validation strategy.
references/node-api-handoff.md — converting web recipes into programmatic Node API (chef, Dish, bake) for agentic automation.

aeondave/cyberchef

offensive-tools/cryptography/cyberchef/SKILL.md

Auth/lab ref: Web-based data transformation and crypto analysis workbench. For rapidly decoding layered encodings, transforming binary/text formats, prototyping crypto/decode pipelines, or sharing reproducible recipes.

4 stars

development

Updated Jun 8, 2026

$ install --global

skillsauth

npx skillsauth add aeondave/malskill cyberchef

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Jun 8, 2026, 3:43 AM111.0s3 files scanned

SKILL.md

name:: cyberchef
description:: Auth/lab ref: Web-based data transformation and crypto analysis workbench. For rapidly decoding layered encodings, transforming binary/text formats, prototyping crypto/decode pipelines, or sharing reproducible recipes.
license:: Apache-2.0
compatibility:: Authorized/lab use only; see body for platform and setup constraints.
author:: AeonDave
version:: 1.0

CyberChef

CyberChef is ideal for rapid transformation pipelines: decode, inspect, branch, and iterate without writing throwaway scripts first.

Core use in crypto/reversing

Unwrap nested encodings (Base64/Hex/URL/gzip/rot/XOR).
Test candidate keys/IVs quickly for block/stream ciphers.
Analyze unknown blobs via Magic before custom code.
Export reproducible recipes through URL hash or saved JSON.

High-value workflow

Load input (text, hex dump, file).
Start with Magic and inspect suggestions.
Build explicit recipe chain (avoid blind overfitting).
Add breakpoints and step through each operation.
Export URL/recipe JSON for reproducibility and script handoff.

Deep-link format

CyberChef supports URL recipes:

https://gchq.github.io/CyberChef/#recipe=<Ops>&input=<Base64Input>

This is useful for teammate handoff and agent reproducibility.

Local/offline options

Browser app is client-side by design.
For isolated environments, run local Docker image and use local browser access.

Automation bridge

When recipe stabilizes and must be automated at scale:

Move from web recipe to CyberChef Node API (chef.bake) or to Python equivalents.
Keep operation order and arguments identical.

Browser interaction note

Resources

references/web-workflows.md — practical browser workflow, Magic usage, breakpoints, recipe sharing, and validation strategy.
references/node-api-handoff.md — converting web recipes into programmatic Node API (chef, Dish, bake) for agentic automation.

Related Skills

aeondave/vibe-audit-technique

development

VerifiedTrustedCommunity

White-box auditing methodology for AI-generated ('vibe-coded') applications. Focuses on modern stack misconfigurations (Supabase, Next.js, Vercel).

4SKILL.mdUpdated Jun 12, 2026

aeondave/vibe-audit-technique

aeondave/source-review-technique

development

VerifiedTrustedCommunity

Hybrid AI/Deterministic SAST methodology for discovering zero-day vulnerabilities in source code. Orchestrates structural search with AI-driven data flow and sink validation.

4SKILL.mdUpdated Jun 12, 2026

aeondave/source-review-technique

aeondave/hardware-technique

development

VerifiedTrustedCommunity

Auth assessment: hardware/embedded methodology; UART/JTAG/SWD/SPI/I2C, firmware extraction, boot/debug paths, embedded OS evidence.

4SKILL.mdUpdated Jun 12, 2026

aeondave/hardware-technique

aeondave/container-technique

devops

VerifiedTrustedCommunity

Container methodology: Identifying containerization limits, Docker/K8s misconfigurations, and executing escapes to the host node.

4SKILL.mdUpdated Jun 12, 2026

aeondave/container-technique

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/aeondave/malskill.git

# Copy into Claude Code skills folder (global)
cp -r malskill/offensive-tools/cryptography/cyberchef ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

aeondave/malskill

4 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT