playbooks

home / skills / xfstudio / skills / ciphey

ciphey skill

/ciphey

This skill automatically decrypts and decodes encrypted text using AI, recognizing 50+ schemes and returning readable output quickly.

npx playbooks add skill xfstudio/skills --skill ciphey

Review the files below or copy the command above to add this skill to your agents.

Files (2)
SKILL.md
1.6 KB
---
name: ciphey
description: Automatic decryption and decoding tool using AI. Use when user says "解密", "decrypt", "decode", "crack", "破解密码", or provides encrypted/encoded text that needs to be deciphered. Supports 50+ encryption types including Base64, Caesar, Vigenere, XOR, Morse code, binary, hashes, and more.
---

# Ciphey

Automatic decryption/decoding tool that uses AI to detect and crack encryption.

## Usage

Run the decrypt script:

```bash
python3 ~/.claude/skills/ciphey/scripts/decrypt.py "<ciphertext>" [-q]
```

**Parameters:**
- `ciphertext`: The encrypted/encoded text to decrypt (required)
- `-q`: Quiet mode, suppress progress output (optional)

## Examples

Decrypt Base64:
```bash
python3 ~/.claude/skills/ciphey/scripts/decrypt.py "SGVsbG8gV29ybGQh"
# Output: Hello World!
```

Decrypt with quiet mode:
```bash
python3 ~/.claude/skills/ciphey/scripts/decrypt.py "Uryyb Jbeyq!" -q
# Output: Hello World! (Caesar/ROT13)
```

## Supported Encryptions

- **Encodings**: Base64, Base32, Base16, Binary, Hex, Octal, ASCII, URL encoding
- **Classical Ciphers**: Caesar, ROT13, Vigenere, Affine, Atbash, Playfair
- **Modern**: XOR, Repeating-key XOR
- **Hashes**: MD5, SHA1, SHA256, SHA512 (detection)
- **Other**: Morse code, NATO phonetic, Braille, and 40+ more

## Installation

The script auto-detects and uses available installation:

1. **Direct**: If `ciphey` command exists
2. **Docker**: Uses `remnux/ciphey` image (recommended)
3. **Homebrew**: `brew install ciphey`
4. **pipx**: `pipx install ciphey`

## Notes

- Uses AI to automatically detect encryption type
- Most decryptions complete in under 3 seconds
- Requires Python 3.7+

Overview

This skill provides automatic decryption and decoding using AI to detect and crack a wide range of ciphers and encodings. It supports over 50 formats, from simple encodings like Base64 and binary to classical ciphers and modern XOR variants. Use it to quickly identify and recover plaintext from unknown or mixed encodings with minimal configuration.

How this skill works

The tool inspects input ciphertext and runs automated detection heuristics enhanced by AI to guess the encoding or cipher family. It then applies targeted cracking or decoding methods (e.g., trial keys, frequency analysis, known decoders) and reports the most likely plaintext and method. Optional quiet mode suppresses progress output for scripted or batch use.

When to use it

  • You receive an unknown piece of encoded or encrypted text and need a fast, automated attempt at plaintext.
  • You want to decode standard encodings (Base64, hex, binary, URL) without manual tooling.
  • You need to identify and break classical ciphers like Caesar, Vigenère, Atbash, or ROT variants.
  • You want quick checks for XOR or repeating-key XOR encrypted strings.
  • You want to detect whether a string is a known hash type (MD5/SHA) or some other encoding.

Best practices

  • Provide the full ciphertext as input; include surrounding context if available (language hints improve results).
  • Use quiet mode for automation or when embedding in pipelines to suppress progress output.
  • Verify results manually for sensitive or high-stakes data—automatic tools can propose false positives.
  • Combine with other forensic/contextual information (file metadata, source) for tougher multi-layer encodings.
  • Ensure Python 3.7+ is available or use the recommended Docker image for consistent behavior.

Example use cases

  • Decoding a pasted Base64 string to reveal its ASCII plaintext.
  • Cracking a suspected Caesar/ROT13 message found in a puzzle or CTF.
  • Detecting and decoding mixed layers (e.g., Base64 inside hex) automatically.
  • Quickly testing whether a string is a known hash or an actually reversible encoding.
  • Batch-processing a list of suspected encodings in a script using quiet mode.

FAQ

Which ciphers and encodings are supported?

Over 50 formats including Base64/Base32/hex/binary, classical ciphers (Caesar, Vigenère, Atbash, Playfair), XOR variants, Morse, NATO phonetic, Braille, and hash detection for MD5/SHA family.

How do I run it in scripts or pipelines?

Invoke the decrypt script with the ciphertext argument. Use the -q flag to enable quiet mode and suppress progress output for automation.