A powerful, easily deployable network traffic analysis tool suite for network security monitoring
Malcolm provides an instance of CyberChef, which describes itself as the “Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis.” CyberChef is available at at https://localhost/arkime/cyberchef/ if connecting locally.
Arkime’s Sessions view has built-in CyberChef integration for Arkime sessions with full PCAP payloads available: expanding a session and opening the Packet Options drop-down menu in its payload section will provide options for Open src packets with CyberChef and Open dst packets with CyberChef.