CyberChef
CyberChef CyberChef is the GCHQ-forged web app for chaining payload encoders like Base64, hex, and ROT13 on files or strings, with magic ops for decoding malware artifacts or obfuscated data in forensics workflows. Clone and run locally via Node.js to avoid traces, building recipes for repeatable transforms on binary dumps. Open-source powerhouse, it's the ops orchestra for analysts decoding payloads without proprietary suites.
Explore →binwalk
binwalk binwalk's extract mode decodes embedded payloads in files like firmware, carving out ZIPs or ELF from hex streams with entropy analysis for hidden data recovery. Run its Python script on dumps for signature-based pulls, scripting custom decoders for non-standard formats. Open-source from ReFirmLabs, it's the payload peeler for reverse engineers unpacking layered artifacts.
Explore →xxd
xxd xxd is the hex dumper/encoder from Vim that converts files to hex binaries or back, with reverse option for decoding dumps into originals for quick file analysis. Pipe binaries through it in scripts for formatted views, grouping bytes for pattern spotting in payloads. Open-source from vim devs, it's the hex hexer for terminal tinkerers encoding/decoding on the fly.
Explore →base64
base64 base64 is the coreutils encoder/decoder for MIME-safe binary payloads, wrapping files in text for transport or decoding dumps for inspection in data analysis chains. Use its CLI flags for wrap lengths or stdin processing, scripting for batch jobs on evidence sets. Open-source from GNU, it's the binary blanket for analysts encoding artifacts without format loss.
Explore →beef-xss
BeEF XSS BeEF's payload encoder crafts JS hooks with URL encoding and Base64 for XSS delivery, decoding responses in its framework for client-side data exfil analysis. Hook browsers via its Ruby server, encoding commands for evasion in tests. Open-source from beefproject, it's the hook handler for web pentesters encoding payloads for browser exploitation.
Explore →python-base64
python-base64 python-base64 is the stdlib module for encoding/decoding payloads in b64, hex, or urlsafe variants, handling streams for file analysis without external deps. Import and call on bytes for transforms, chaining with zlib for compressed artifacts. Open-source Python core, it's the built-in buffer for scripters decoding encoded files in forensic scripts.
Explore →hexdump
hexdump hexdump is the POSIX dumper that encodes files to hex with offsets and ASCII sides, decoding back for binary inspections in data recovery workflows. Customize formats via CLI for endian swaps or byte groups, scripting for automated payload views. Open-source from BSD, it's the hex historian for examiners logging file structures precisely.
Explore →uuencode
uuencode uuencode is the legacy encoder for binary files to ASCII uu format, decoding with uudecode for safe transport of payloads in email forensics or legacy analysis. Run on files for headered outputs, verifying checksums post-decode. Open-source from GNU, it's the vintage vehicle for analysts resurrecting old encoded artifacts.
Explore →bin2txt
bin2txt bin2txt is the simple converter for binary payloads to hex or Base64 text dumps, with options for line wrapping and charset filters for readable file analysis. Script its C code for custom encodings, feeding outputs to grep for pattern hunts. Open-source utility, it's the text translator for pentesters turning raw bytes into searchable strings.
Explore →payload-decoder