A lightweight command-line toolkit for automatic encoding detection and decoding — built for CTF challenges, security analysis, and data processing workflows.
When doing CTF challenges or security analysis, you often face strings like:
U0dWc2JIOD0=
Is it Base64? Double-encoded? ROT13 inside Hex? Manually peeling each layer wastes time.
AutoCyberChef detects and unwraps encoding layers automatically — giving you the answer in seconds instead of minutes.
$ python main.py auto U0dWc2JIOD0=
Layer 1: [Base64] → SGVsbG8=
Layer 2: [Base64] → Hello
Final result: Hello
git clone https://github.com/norniy/auto-cyberchef.git
cd auto-cyberchef
pip install -r requirements.txt
python main.py shellRequirements: Python 3.9 or higher. No heavy dependencies — core features use the standard library only.
# Clone the repository
git clone https://github.com/norniy/auto-cyberchef.git
cd auto-cyberchef
# Install optional dev dependencies (pytest for running tests)
pip install -r requirements.txt
# Verify installation
python main.py --version| Feature | Description |
|---|---|
| Auto-detect | Identify Base64, Hex, Binary, URL, ROT13, Morse, HTML, Caesar, Base32 |
| Auto-decode | Automatically unwrap up to 10 nested encoding layers |
| Encode | Encode plaintext into Base64, Base32, Hex, Binary, URL, HTML, ROT13, Morse |
| Interactive shell | REPL with command history and tab completion |
| Batch file decode | Decode every line of a file in one command |
| Brute-force mode | Try every decoder at once and show all results |
| Confidence scores | Ranked probability scores for each detected encoding |
| JSON output | Machine-readable output for pipeline integration |
python main.py shellautochef > decode SGVsbG8=
Detected: Base64
Result: Hello
autochef > encode Hello -e base64
Encoding: base64
Result: SGVsbG8=
autochef > detect 48656c6c6f
Possible encodings:
- Hex
- Base64
autochef > auto U0dWc2JIOD0=
2 layer(s) found:
Layer 1: [Base64] → SGVsbG8=
Layer 2: [Base64] → Hello
Final: Hello
autochef > brute "Uryyb Jbeyq"
✓ ROT13 Hello World
✓ Caesar Hello World
autochef > history
autochef > exit
Shell supports ↑/↓ arrow keys for command history on Unix/macOS.
# Auto-detect encoding and decode
python main.py decode SGVsbG8=
# Force a specific encoding
python main.py decode 48656c6c6f -e hex
python main.py decode "Uryyb Jbeyq" -e rot13
python main.py decode ".... . .-.. .-.. ---" -e morse
# Output as JSON
python main.py decode SGVsbG8= --jsonOutput:
Detected encoding: Base64
Decoded result: Hello
# Encode plaintext into a target format
python main.py encode "Hello" -e base64
python main.py encode "Hello" -e hex
python main.py encode "Hello World" -e morse
python main.py encode "Hello" -e binary
python main.py encode "Hello World!" -e url
python main.py encode "<b>Hello</b>" -e html
python main.py encode "Hello" -e rot13
# Output as JSON
python main.py encode "Hello" -e base64 --jsonOutput:
Encoded [base64]:
SGVsbG8=
Encoded [morse]:
.... . .-.. .-.. --- / .-- --- .-. .-.. -..
# List possible encodings
python main.py detect SGVsbG8=
# Show confidence scores
python main.py detect SGVsbG8= --confidenceOutput:
Possible encodings:
- Base64
Encoding confidence scores:
Base64 ████████████████████ 95.0%
# Automatically unwrap all layers
python main.py auto U0dWc2JIOD0=
# Show step-by-step progress
python main.py auto U0dWc2JIOD0= --verbose
# Limit decode depth
python main.py auto U0dWc2JIOD0= --max-layers 5Output:
Auto-decode: 2 layer(s) found
Layer 1: [Base64] → SGVsbG8=
Layer 2: [Base64] → Hello
Final result: Hello
# Decode each line of a file
python main.py decode-file encoded.txt
# Save output to a file
python main.py decode-file encoded.txt -o decoded.txt
# Show layer-by-layer details
python main.py decode-file encoded.txt --layers
# Force a specific encoding for all lines
python main.py decode-file encoded.txt -e base64
# Output as JSON
python main.py decode-file encoded.txt --jsonExample input file (encoded.txt):
SGVsbG8=
48656c6c6f
.... . .-.. .-.. ---
Output:
Hello
Hello
HELLO
Processed 3 line(s): 3 decoded, 0 failed
# Try every decoder
python main.py brute SGVsbG8=
# Also show failed attempts
python main.py brute SGVsbG8= --show-failures
# Include all 25 Caesar cipher shifts
python main.py brute "Khoor" --caesarpython main.py stats encoded.txtOutput:
File statistics: encoded.txt
Total lines: 10
Decoded lines: 9
Failed lines: 1
Encoding breakdown:
Base64 6
Hex 3
| Encoding | Decode | Encode | Decode Example | Encode Example |
|---|---|---|---|---|
| Base64 | ✅ | ✅ | SGVsbG8= → Hello |
Hello → SGVsbG8= |
| Base32 | ✅ | ✅ | JBSWY3DP → Hello |
Hello → JBSWY3DP |
| Hexadecimal | ✅ | ✅ | 48656c6c6f → Hello |
Hello → 48656c6c6f |
| Binary | ✅ | ✅ | 01001000... → Hello |
Hello → 01001000 01100101... |
| URL Encoding | ✅ | ✅ | Hello%20World%21 → Hello World! |
Hello World! → Hello%20World%21 |
| HTML Entities | ✅ | ✅ | He... → Hello |
<b>Hi</b> → <b>Hi</b> |
| ROT13 | ✅ | ✅ | Uryyb → Hello |
Hello → Uryyb |
| Morse Code | ✅ | ✅ | .... . .-.. .-.. --- → HELLO |
HELLO → .... . .-.. .-.. --- |
| Caesar Cipher | ✅ | ❌ | Khoor (shift 3) → Hello |
— |
auto-cyberchef/
│
├── autochef/
│ ├── __init__.py # Package entry point and public API
│ ├── detector.py # Encoding detection (regex + heuristics + confidence scoring)
│ ├── decoder.py # Individual decode implementations for all formats
│ ├── pipeline.py # Multi-layer auto-decode orchestration
│ ├── file_handler.py # Batch file processing and JSON output
│ └── utils.py # Shared helpers (entropy, printability, string analysis)
│
├── tests/
│ └── test_basic.py # 84 unit tests covering all modules
│
├── main.py # CLI entry point (argparse + interactive shell)
├── requirements.txt
└── README.md
AutoCyberChef can be imported directly into your own scripts:
from autochef.detector import detect_encoding, get_encoding_confidence
from autochef.decoder import decode_base64, decode_hex, decode_by_name
from autochef.pipeline import auto_decode
# Detect encodings
encodings = detect_encoding("SGVsbG8=")
print(encodings) # ['Base64']
# Get confidence scores
scores = get_encoding_confidence("SGVsbG8=")
print(scores) # {'Base64': 0.95}
# Decode a specific format
result, success = decode_base64("SGVsbG8=")
print(result) # Hello
# Decode by name
result, success = decode_by_name("hex", "48656c6c6f")
print(result) # Hello
# Auto multi-layer decode
steps, final = auto_decode("U0dWc2JIOD0=")
print(final) # Hello
for encoding, before, after in steps:
print(f"{encoding}: {before} -> {after}")# Run all 84 tests
python -m unittest tests.test_basic -v
# Run a specific test class
python -m unittest tests.test_basic.TestPipeline -v
# Run with pytest (if installed)
pytest tests/ -vContributions are welcome! Here are some ways to get started:
- 🐛 Report bugs by opening an Issue
- ✨ Request features via Issues tagged
enhancement - 🔧 Fix a bug or add a feature — open a Pull Request
Look for issues tagged good first issue:
- Add support for a new encoding (Base58, XOR, etc.)
- Add more test cases
- Fix a typo or documentation gap
git clone https://github.com/norniy/auto-cyberchef.git
cd auto-cyberchef
pip install -r requirements.txt
python -m unittest tests.test_basic -v # make sure all tests pass before contributingThis project is licensed under the MIT License.
- CyberChef — The original web-based "Cyber Swiss Army Knife"
- Ciphey — AI-powered automatic decryption tool
AutoCyberChef is different: no browser required, no heavy ML dependencies — just Python 3.9+ and the standard library.
Made for CTF players, security researchers, and anyone who spends too long manually decoding strings.
If this tool saved you time, consider giving it a ⭐