cyberchef 9.37.1 → 9.38.0

package/src/core/operations/ParseUDP.mjs

@@ -6,7 +6,9 @@
 
 import Operation from "../Operation.mjs";
 import Stream from "../lib/Stream.mjs";
-import {toHex} from "../lib/Hex.mjs";
+import {toHexFast, fromHex} from "../lib/Hex.mjs";
+import {objToTable} from "../lib/Protocol.mjs";
+import Utils from "../Utils.mjs";
 import OperationError from "../errors/OperationError.mjs";
 
 /**
@@ -24,58 +26,61 @@ class ParseUDP extends Operation {
         this.module = "Default";
         this.description = "Parses a UDP header and payload (if present).";
         this.infoURL = "https://wikipedia.org/wiki/User_Datagram_Protocol";
-        this.inputType = "ArrayBuffer";
+        this.inputType = "string";
         this.outputType = "json";
         this.presentType = "html";
-        this.args = [];
+        this.args = [
+            {
+                name: "Input format",
+                type: "option",
+                value: ["Hex", "Raw"]
+            }
+        ];
     }
 
     /**
-     * @param {ArrayBuffer} input
+     * @param {string} input
+     * @param {Object[]} args
      * @returns {Object}
      */
     run(input, args) {
-        if (input.byteLength < 8) {
-            throw new OperationError("Need 8 bytes for a UDP Header");
+        const format = args[0];
+
+        if (format === "Hex") {
+            input = fromHex(input);
+        } else if (format === "Raw") {
+            input = Utils.strToArrayBuffer(input);
+        } else {
+            throw new OperationError("Unrecognised input format.");
         }
 
         const s = new Stream(new Uint8Array(input));
+        if (s.length < 8) {
+            throw new OperationError("Need 8 bytes for a UDP Header");
+        }
+
         // Parse Header
         const UDPPacket = {
             "Source port": s.readInt(2),
             "Destination port": s.readInt(2),
             "Length": s.readInt(2),
-            "Checksum": toHex(s.getBytes(2), "")
+            "Checksum": "0x" + toHexFast(s.getBytes(2))
         };
         // Parse data if present
         if (s.hasMore()) {
-            UDPPacket.Data = toHex(s.getBytes(UDPPacket.Length - 8), "");
+            UDPPacket.Data = "0x" + toHexFast(s.getBytes(UDPPacket.Length - 8));
         }
 
         return UDPPacket;
     }
 
     /**
-     * Displays the UDP Packet in a table style
+     * Displays the UDP Packet in a tabular style
      * @param {Object} data
      * @returns {html}
      */
     present(data) {
-        const html = [];
-        html.push("<table class='table table-hover table-sm table-bordered table-nonfluid' style='table-layout: fixed'>");
-        html.push("<tr>");
-        html.push("<th>Field</th>");
-        html.push("<th>Value</th>");
-        html.push("</tr>");
-
-        for (const key in data) {
-            html.push("<tr>");
-            html.push("<td style=\"word-wrap:break-word\">" + key + "</td>");
-            html.push("<td>" + data[key] + "</td>");
-            html.push("</tr>");
-        }
-        html.push("</table>");
-        return html.join("");
+        return objToTable(data);
     }
 
 }

package/src/core/operations/Sort.mjs

@@ -7,6 +7,7 @@
 import Operation from "../Operation.mjs";
 import Utils from "../Utils.mjs";
 import {INPUT_DELIM_OPTIONS} from "../lib/Delim.mjs";
+import {caseInsensitiveSort, ipSort, numericSort, hexadecimalSort} from "../lib/Sort.mjs";
 
 /**
  * Sort operation
@@ -57,120 +58,19 @@ class Sort extends Operation {
         if (order === "Alphabetical (case sensitive)") {
             sorted = sorted.sort();
         } else if (order === "Alphabetical (case insensitive)") {
-            sorted = sorted.sort(Sort._caseInsensitiveSort);
+            sorted = sorted.sort(caseInsensitiveSort);
         } else if (order === "IP address") {
-            sorted = sorted.sort(Sort._ipSort);
+            sorted = sorted.sort(ipSort);
         } else if (order === "Numeric") {
-            sorted = sorted.sort(Sort._numericSort);
+            sorted = sorted.sort(numericSort);
         } else if (order === "Numeric (hexadecimal)") {
-            sorted = sorted.sort(Sort._hexadecimalSort);
+            sorted = sorted.sort(hexadecimalSort);
         }
 
         if (sortReverse) sorted.reverse();
         return sorted.join(delim);
     }
 
-    /**
-     * Comparison operation for sorting of strings ignoring case.
-     *
-     * @private
-     * @param {string} a
-     * @param {string} b
-     * @returns {number}
-     */
-    static _caseInsensitiveSort(a, b) {
-        return a.toLowerCase().localeCompare(b.toLowerCase());
-    }
-
-
-    /**
-     * Comparison operation for sorting of IPv4 addresses.
-     *
-     * @private
-     * @param {string} a
-     * @param {string} b
-     * @returns {number}
-     */
-    static _ipSort(a, b) {
-        let a_ = a.split("."),
-            b_ = b.split(".");
-
-        a_ = a_[0] * 0x1000000 + a_[1] * 0x10000 + a_[2] * 0x100 + a_[3] * 1;
-        b_ = b_[0] * 0x1000000 + b_[1] * 0x10000 + b_[2] * 0x100 + b_[3] * 1;
-
-        if (isNaN(a_) && !isNaN(b_)) return 1;
-        if (!isNaN(a_) && isNaN(b_)) return -1;
-        if (isNaN(a_) && isNaN(b_)) return a.localeCompare(b);
-
-        return a_ - b_;
-    }
-
-    /**
-     * Comparison operation for sorting of numeric values.
-     *
-     * @author Chris van Marle
-     * @private
-     * @param {string} a
-     * @param {string} b
-     * @returns {number}
-     */
-    static _numericSort(a, b) {
-        const a_ = a.split(/([^\d]+)/),
-            b_ = b.split(/([^\d]+)/);
-
-        for (let i = 0; i < a_.length && i < b.length; ++i) {
-            if (isNaN(a_[i]) && !isNaN(b_[i])) return 1; // Numbers after non-numbers
-            if (!isNaN(a_[i]) && isNaN(b_[i])) return -1;
-            if (isNaN(a_[i]) && isNaN(b_[i])) {
-                const ret = a_[i].localeCompare(b_[i]); // Compare strings
-                if (ret !== 0) return ret;
-            }
-            if (!isNaN(a_[i]) && !isNaN(b_[i])) { // Compare numbers
-                if (a_[i] - b_[i] !== 0) return a_[i] - b_[i];
-            }
-        }
-
-        return a.localeCompare(b);
-    }
-
-    /**
-     * Comparison operation for sorting of hexadecimal values.
-     *
-     * @author Chris van Marle
-     * @private
-     * @param {string} a
-     * @param {string} b
-     * @returns {number}
-     */
-    static _hexadecimalSort(a, b) {
-        let a_ = a.split(/([^\da-f]+)/i),
-            b_ = b.split(/([^\da-f]+)/i);
-
-        a_ = a_.map(v => {
-            const t = parseInt(v, 16);
-            return isNaN(t) ? v : t;
-        });
-
-        b_ = b_.map(v => {
-            const t = parseInt(v, 16);
-            return isNaN(t) ? v : t;
-        });
-
-        for (let i = 0; i < a_.length && i < b.length; ++i) {
-            if (isNaN(a_[i]) && !isNaN(b_[i])) return 1; // Numbers after non-numbers
-            if (!isNaN(a_[i]) && isNaN(b_[i])) return -1;
-            if (isNaN(a_[i]) && isNaN(b_[i])) {
-                const ret = a_[i].localeCompare(b_[i]); // Compare strings
-                if (ret !== 0) return ret;
-            }
-            if (!isNaN(a_[i]) && !isNaN(b_[i])) { // Compare numbers
-                if (a_[i] - b_[i] !== 0) return a_[i] - b_[i];
-            }
-        }
-
-        return a.localeCompare(b);
-    }
-
 }
 
 export default Sort;

package/src/core/operations/Strings.mjs

@@ -7,6 +7,7 @@
 import Operation from "../Operation.mjs";
 import XRegExp from "xregexp";
 import { search } from "../lib/Extract.mjs";
+import { caseInsensitiveSort } from "../lib/Sort.mjs";
 
 /**
  * Strings operation
@@ -27,27 +28,37 @@ class Strings extends Operation {
         this.outputType = "string";
         this.args = [
             {
-                "name": "Encoding",
-                "type": "option",
-                "value": ["Single byte", "16-bit littleendian", "16-bit bigendian", "All"]
+                name: "Encoding",
+                type: "option",
+                value: ["Single byte", "16-bit littleendian", "16-bit bigendian", "All"]
             },
             {
-                "name": "Minimum length",
-                "type": "number",
-                "value": 4
+                name: "Minimum length",
+                type: "number",
+                value: 4
             },
             {
-                "name": "Match",
-                "type": "option",
-                "value": [
+                name: "Match",
+                type: "option",
+                value: [
                     "[ASCII]", "Alphanumeric + punctuation (A)", "All printable chars (A)", "Null-terminated strings (A)",
                     "[Unicode]", "Alphanumeric + punctuation (U)", "All printable chars (U)", "Null-terminated strings (U)"
                 ]
             },
             {
-                "name": "Display total",
-                "type": "boolean",
-                "value": false
+                name: "Display total",
+                type: "boolean",
+                value: false
+            },
+            {
+                name: "Sort",
+                type: "boolean",
+                value: false
+            },
+            {
+                name: "Unique",
+                type: "boolean",
+                value: false
             }
         ];
     }
@@ -58,7 +69,7 @@ class Strings extends Operation {
      * @returns {string}
      */
     run(input, args) {
-        const [encoding, minLen, matchType, displayTotal] = args,
+        const [encoding, minLen, matchType, displayTotal, sort, unique] = args,
             alphanumeric = "A-Z\\d",
             punctuation = "/\\-:.,_$%'\"()<>= !\\[\\]{}@",
             printable = "\x20-\x7e",
@@ -108,8 +119,19 @@ class Strings extends Operation {
         }
 
         const regex = new XRegExp(strings, "ig");
+        const results = search(
+            input,
+            regex,
+            null,
+            sort ? caseInsensitiveSort : null,
+            unique
+        );
 
-        return search(input, regex, null, displayTotal);
+        if (displayTotal) {
+            return `Total found: ${results.length}\n\n${results.join("\n")}`;
+        } else {
+            return results.join("\n");
+        }
     }
 
 }

package/src/core/operations/ToBase45.mjs

@@ -43,9 +43,9 @@ class ToBase45 extends Operation {
      * @returns {string}
      */
     run(input, args) {
+        if (!input) return "";
         input = new Uint8Array(input);
         const alphabet = Utils.expandAlphRange(args[0]);
-        if (!input) return "";
 
         const res = [];
 

package/src/core/operations/Unique.mjs

@@ -26,9 +26,14 @@ class Unique extends Operation {
         this.outputType = "string";
         this.args = [
             {
-                "name": "Delimiter",
-                "type": "option",
-                "value": INPUT_DELIM_OPTIONS
+                name: "Delimiter",
+                type: "option",
+                value: INPUT_DELIM_OPTIONS
+            },
+            {
+                name: "Display count",
+                type: "boolean",
+                value: false
             }
         ];
     }
@@ -39,8 +44,23 @@ class Unique extends Operation {
      * @returns {string}
      */
     run(input, args) {
-        const delim = Utils.charRep(args[0]);
-        return input.split(delim).unique().join(delim);
+        const delim = Utils.charRep(args[0]),
+            count = args[1];
+
+        if (count) {
+            const valMap = input.split(delim).reduce((acc, curr) => {
+                if (Object.prototype.hasOwnProperty.call(acc, curr)) {
+                    acc[curr]++;
+                } else {
+                    acc[curr] = 1;
+                }
+                return acc;
+            }, {});
+
+            return Object.keys(valMap).map(val => `${valMap[val]} ${val}`).join(delim);
+        } else {
+            return input.split(delim).unique().join(delim);
+        }
     }
 
 }

package/src/core/operations/index.mjs

@@ -229,6 +229,7 @@ import ParseIPv6Address from "./ParseIPv6Address.mjs";
 import ParseObjectIDTimestamp from "./ParseObjectIDTimestamp.mjs";
 import ParseQRCode from "./ParseQRCode.mjs";
 import ParseSSHHostKey from "./ParseSSHHostKey.mjs";
+import ParseTCP from "./ParseTCP.mjs";
 import ParseTLV from "./ParseTLV.mjs";
 import ParseUDP from "./ParseUDP.mjs";
 import ParseUNIXFilePermissions from "./ParseUNIXFilePermissions.mjs";
@@ -601,6 +602,7 @@ export {
     ParseObjectIDTimestamp,
     ParseQRCode,
     ParseSSHHostKey,
+    ParseTCP,
     ParseTLV,
     ParseUDP,
     ParseUNIXFilePermissions,

package/src/node/index.mjs

@@ -230,6 +230,7 @@ import {
     ParseObjectIDTimestamp as core_ParseObjectIDTimestamp,
     ParseQRCode as core_ParseQRCode,
     ParseSSHHostKey as core_ParseSSHHostKey,
+    ParseTCP as core_ParseTCP,
     ParseTLV as core_ParseTLV,
     ParseUDP as core_ParseUDP,
     ParseUNIXFilePermissions as core_ParseUNIXFilePermissions,
@@ -602,6 +603,7 @@ function generateChef() {
         "parseObjectIDTimestamp": _wrap(core_ParseObjectIDTimestamp),
         "parseQRCode": _wrap(core_ParseQRCode),
         "parseSSHHostKey": _wrap(core_ParseSSHHostKey),
+        "parseTCP": _wrap(core_ParseTCP),
         "parseTLV": _wrap(core_ParseTLV),
         "parseUDP": _wrap(core_ParseUDP),
         "parseUNIXFilePermissions": _wrap(core_ParseUNIXFilePermissions),
@@ -991,6 +993,7 @@ const parseIPv6Address = chef.parseIPv6Address;
 const parseObjectIDTimestamp = chef.parseObjectIDTimestamp;
 const parseQRCode = chef.parseQRCode;
 const parseSSHHostKey = chef.parseSSHHostKey;
+const parseTCP = chef.parseTCP;
 const parseTLV = chef.parseTLV;
 const parseUDP = chef.parseUDP;
 const parseUNIXFilePermissions = chef.parseUNIXFilePermissions;
@@ -1365,6 +1368,7 @@ const operations = [
     parseObjectIDTimestamp,
     parseQRCode,
     parseSSHHostKey,
+    parseTCP,
     parseTLV,
     parseUDP,
     parseUNIXFilePermissions,
@@ -1743,6 +1747,7 @@ export {
     parseObjectIDTimestamp,
     parseQRCode,
     parseSSHHostKey,
+    parseTCP,
     parseTLV,
     parseUDP,
     parseUNIXFilePermissions,

package/src/web/waiters/OperationsWaiter.mjs

@@ -109,11 +109,15 @@ class OperationsWaiter {
         const matchedOps = [];
         const matchedDescs = [];
 
+        // Create version with no whitespace for the fuzzy match
+        // Helps avoid missing matches e.g. query "TCP " would not find "Parse TCP"
+        const inStrNWS = inStr.replace(/\s/g, "");
+
         for (const opName in this.app.operations) {
             const op = this.app.operations[opName];
 
             // Match op name using fuzzy match
-            const [nameMatch, score, idxs] = fuzzyMatch(inStr, opName);
+            const [nameMatch, score, idxs] = fuzzyMatch(inStrNWS, opName);
 
             // Match description based on exact match
             const descPos = op.description.toLowerCase().indexOf(inStr.toLowerCase());

package/tests/node/tests/operations.mjs

@@ -471,7 +471,7 @@ color: white;
     }),
 
     it("Extract dates", () => {
-        assert.strictEqual(chef.extractDates("Don't Look a Gift Horse In The Mouth 01/02/1992").toString(), "01/02/1992\n");
+        assert.strictEqual(chef.extractDates("Don't Look a Gift Horse In The Mouth 01/02/1992").toString(), "01/02/1992");
     }),
 
     it("Filter", () => {
@@ -859,7 +859,7 @@ pCGTErs=
     }),
 
     it("SQL Beautify", () => {
-        const result = chef.SQLBeautify(`SELECT MONTH, ID, RAIN_I, TEMP_F 
+        const result = chef.SQLBeautify(`SELECT MONTH, ID, RAIN_I, TEMP_F
 FROM STATS;`);
         const expected = `SELECT MONTH,
          ID,
@@ -879,8 +879,7 @@ FROM STATS;`;
         const result = chef.strings("smothering ampersand abreast", {displayTotal: true});
         const expected = `Total found: 1
 
-smothering ampersand abreast
-`;
+smothering ampersand abreast`;
         assert.strictEqual(result.toString(), expected);
     }),
 

package/tests/operations/index.mjs

@@ -96,6 +96,7 @@ import "./tests/Protobuf.mjs";
 import "./tests/ParseSSHHostKey.mjs";
 import "./tests/DefangIP.mjs";
 import "./tests/ParseUDP.mjs";
+import "./tests/ParseTCP.mjs";
 import "./tests/AvroToJSON.mjs";
 import "./tests/Lorenz.mjs";
 import "./tests/LuhnChecksum.mjs";

package/tests/operations/tests/ExtractEmailAddresses.mjs

@@ -11,7 +11,7 @@ TestRegister.addTests([
     {
         name: "Extract email address",
         input: "email@example.com\nfirstname.lastname@example.com\nemail@subdomain.example.com\nfirstname+lastname@example.com\n1234567890@example.com\nemail@example-one.com\n_______@example.com email@example.name\nemail@example.museum email@example.co.jp firstname-lastname@example.com",
-        expectedOutput: "email@example.com\nfirstname.lastname@example.com\nemail@subdomain.example.com\nfirstname+lastname@example.com\n1234567890@example.com\nemail@example-one.com\n_______@example.com\nemail@example.name\nemail@example.museum\nemail@example.co.jp\nfirstname-lastname@example.com\n",
+        expectedOutput: "email@example.com\nfirstname.lastname@example.com\nemail@subdomain.example.com\nfirstname+lastname@example.com\n1234567890@example.com\nemail@example-one.com\n_______@example.com\nemail@example.name\nemail@example.museum\nemail@example.co.jp\nfirstname-lastname@example.com",
         recipeConfig: [
             {
                 "op": "Extract email addresses",
@@ -22,7 +22,7 @@ TestRegister.addTests([
     {
         name: "Extract email address - Display total",
         input: "email@example.com\nfirstname.lastname@example.com\nemail@subdomain.example.com\nfirstname+lastname@example.com\n1234567890@example.com\nemail@example-one.com\n_______@example.com email@example.name\nemail@example.museum email@example.co.jp firstname-lastname@example.com",
-        expectedOutput: "Total found: 11\n\nemail@example.com\nfirstname.lastname@example.com\nemail@subdomain.example.com\nfirstname+lastname@example.com\n1234567890@example.com\nemail@example-one.com\n_______@example.com\nemail@example.name\nemail@example.museum\nemail@example.co.jp\nfirstname-lastname@example.com\n",
+        expectedOutput: "Total found: 11\n\nemail@example.com\nfirstname.lastname@example.com\nemail@subdomain.example.com\nfirstname+lastname@example.com\n1234567890@example.com\nemail@example-one.com\n_______@example.com\nemail@example.name\nemail@example.museum\nemail@example.co.jp\nfirstname-lastname@example.com",
         recipeConfig: [
             {
                 "op": "Extract email addresses",
@@ -33,7 +33,7 @@ TestRegister.addTests([
     {
         name: "Extract email address (Internationalized)",
         input: "\u4f0a\u662d\u5091@\u90f5\u4ef6.\u5546\u52d9 \u093e\u092e@\u092e\u094b\u0939\u0928.\u0908\u0928\u094d\u092b\u094b\n\u044e\u0437\u0435\u0440@\u0435\u043a\u0437\u0430\u043c\u043f\u043b.\u043a\u043e\u043c \u03b8\u03c3\u03b5\u03c1@\u03b5\u03c7\u03b1\u03bc\u03c0\u03bb\u03b5.\u03c8\u03bf\u03bc Jos\u1ec5Silv\u1ec5@googl\u1ec5.com\nJos\u1ec5Silv\u1ec5@google.com and Jos\u1ec5Silva@google.com\nFoO@BaR.CoM, john@192.168.10.100\ng\xf3mez@junk.br and Abc.123@example.com.\nuser+mailbox/department=shipping@example.com\n\u7528\u6237@\u4f8b\u5b50.\u5e7f\u544a\n\u0909\u092a\u092f\u094b\u0917\u0915\u0930\u094d\u0924\u093e@\u0909\u0926\u093e\u0939\u0930\u0923.\u0915\u0949\u092e\n\u044e\u0437\u0435\u0440@\u0435\u043a\u0437\u0430\u043c\u043f\u043b.\u043a\u043e\u043c\n\u03b8\u03c3\u03b5\u03c1@\u03b5\u03c7\u03b1\u03bc\u03c0\u03bb\u03b5.\u03c8\u03bf\u03bc\nD\xf6rte@S\xf6rensen.example.com\n\u0430\u0434\u0436\u0430\u0439@\u044d\u043a\u0437\u0430\u043c\u043f\u043b.\u0440\u0443\u0441\ntest@xn--bcher-kva.com",
-        expectedOutput: "\u4f0a\u662d\u5091@\u90f5\u4ef6.\u5546\u52d9\n\u093e\u092e@\u092e\u094b\u0939\u0928.\u0908\u0928\u094d\u092b\u094b\n\u044e\u0437\u0435\u0440@\u0435\u043a\u0437\u0430\u043c\u043f\u043b.\u043a\u043e\u043c\n\u03b8\u03c3\u03b5\u03c1@\u03b5\u03c7\u03b1\u03bc\u03c0\u03bb\u03b5.\u03c8\u03bf\u03bc\nJos\u1ec5Silv\u1ec5@googl\u1ec5.com\nJos\u1ec5Silv\u1ec5@google.com\nJos\u1ec5Silva@google.com\nFoO@BaR.CoM\njohn@192.168.10.100\ng\xf3mez@junk.br\nAbc.123@example.com\nuser+mailbox/department=shipping@example.com\n\u7528\u6237@\u4f8b\u5b50.\u5e7f\u544a\n\u0909\u092a\u092f\u094b\u0917\u0915\u0930\u094d\u0924\u093e@\u0909\u0926\u093e\u0939\u0930\u0923.\u0915\u0949\u092e\n\u044e\u0437\u0435\u0440@\u0435\u043a\u0437\u0430\u043c\u043f\u043b.\u043a\u043e\u043c\n\u03b8\u03c3\u03b5\u03c1@\u03b5\u03c7\u03b1\u03bc\u03c0\u03bb\u03b5.\u03c8\u03bf\u03bc\nD\xf6rte@S\xf6rensen.example.com\n\u0430\u0434\u0436\u0430\u0439@\u044d\u043a\u0437\u0430\u043c\u043f\u043b.\u0440\u0443\u0441\ntest@xn--bcher-kva.com\n",
+        expectedOutput: "\u4f0a\u662d\u5091@\u90f5\u4ef6.\u5546\u52d9\n\u093e\u092e@\u092e\u094b\u0939\u0928.\u0908\u0928\u094d\u092b\u094b\n\u044e\u0437\u0435\u0440@\u0435\u043a\u0437\u0430\u043c\u043f\u043b.\u043a\u043e\u043c\n\u03b8\u03c3\u03b5\u03c1@\u03b5\u03c7\u03b1\u03bc\u03c0\u03bb\u03b5.\u03c8\u03bf\u03bc\nJos\u1ec5Silv\u1ec5@googl\u1ec5.com\nJos\u1ec5Silv\u1ec5@google.com\nJos\u1ec5Silva@google.com\nFoO@BaR.CoM\njohn@192.168.10.100\ng\xf3mez@junk.br\nAbc.123@example.com\nuser+mailbox/department=shipping@example.com\n\u7528\u6237@\u4f8b\u5b50.\u5e7f\u544a\n\u0909\u092a\u092f\u094b\u0917\u0915\u0930\u094d\u0924\u093e@\u0909\u0926\u093e\u0939\u0930\u0923.\u0915\u0949\u092e\n\u044e\u0437\u0435\u0440@\u0435\u043a\u0437\u0430\u043c\u043f\u043b.\u043a\u043e\u043c\n\u03b8\u03c3\u03b5\u03c1@\u03b5\u03c7\u03b1\u03bc\u03c0\u03bb\u03b5.\u03c8\u03bf\u03bc\nD\xf6rte@S\xf6rensen.example.com\n\u0430\u0434\u0436\u0430\u0439@\u044d\u043a\u0437\u0430\u043c\u043f\u043b.\u0440\u0443\u0441\ntest@xn--bcher-kva.com",
         recipeConfig: [
             {
                 "op": "Extract email addresses",
@@ -44,7 +44,7 @@ TestRegister.addTests([
     {
         name: "Extract email address - Display total (Internationalized)",
         input: "\u4f0a\u662d\u5091@\u90f5\u4ef6.\u5546\u52d9 \u093e\u092e@\u092e\u094b\u0939\u0928.\u0908\u0928\u094d\u092b\u094b\n\u044e\u0437\u0435\u0440@\u0435\u043a\u0437\u0430\u043c\u043f\u043b.\u043a\u043e\u043c \u03b8\u03c3\u03b5\u03c1@\u03b5\u03c7\u03b1\u03bc\u03c0\u03bb\u03b5.\u03c8\u03bf\u03bc Jos\u1ec5Silv\u1ec5@googl\u1ec5.com\nJos\u1ec5Silv\u1ec5@google.com and Jos\u1ec5Silva@google.com\nFoO@BaR.CoM, john@192.168.10.100\ng\xf3mez@junk.br and Abc.123@example.com.\nuser+mailbox/department=shipping@example.com\n\u7528\u6237@\u4f8b\u5b50.\u5e7f\u544a\n\u0909\u092a\u092f\u094b\u0917\u0915\u0930\u094d\u0924\u093e@\u0909\u0926\u093e\u0939\u0930\u0923.\u0915\u0949\u092e\n\u044e\u0437\u0435\u0440@\u0435\u043a\u0437\u0430\u043c\u043f\u043b.\u043a\u043e\u043c\n\u03b8\u03c3\u03b5\u03c1@\u03b5\u03c7\u03b1\u03bc\u03c0\u03bb\u03b5.\u03c8\u03bf\u03bc\nD\xf6rte@S\xf6rensen.example.com\n\u0430\u0434\u0436\u0430\u0439@\u044d\u043a\u0437\u0430\u043c\u043f\u043b.\u0440\u0443\u0441\ntest@xn--bcher-kva.com",
-        expectedOutput: "Total found: 19\n\n\u4f0a\u662d\u5091@\u90f5\u4ef6.\u5546\u52d9\n\u093e\u092e@\u092e\u094b\u0939\u0928.\u0908\u0928\u094d\u092b\u094b\n\u044e\u0437\u0435\u0440@\u0435\u043a\u0437\u0430\u043c\u043f\u043b.\u043a\u043e\u043c\n\u03b8\u03c3\u03b5\u03c1@\u03b5\u03c7\u03b1\u03bc\u03c0\u03bb\u03b5.\u03c8\u03bf\u03bc\nJos\u1ec5Silv\u1ec5@googl\u1ec5.com\nJos\u1ec5Silv\u1ec5@google.com\nJos\u1ec5Silva@google.com\nFoO@BaR.CoM\njohn@192.168.10.100\ng\xf3mez@junk.br\nAbc.123@example.com\nuser+mailbox/department=shipping@example.com\n\u7528\u6237@\u4f8b\u5b50.\u5e7f\u544a\n\u0909\u092a\u092f\u094b\u0917\u0915\u0930\u094d\u0924\u093e@\u0909\u0926\u093e\u0939\u0930\u0923.\u0915\u0949\u092e\n\u044e\u0437\u0435\u0440@\u0435\u043a\u0437\u0430\u043c\u043f\u043b.\u043a\u043e\u043c\n\u03b8\u03c3\u03b5\u03c1@\u03b5\u03c7\u03b1\u03bc\u03c0\u03bb\u03b5.\u03c8\u03bf\u03bc\nD\xf6rte@S\xf6rensen.example.com\n\u0430\u0434\u0436\u0430\u0439@\u044d\u043a\u0437\u0430\u043c\u043f\u043b.\u0440\u0443\u0441\ntest@xn--bcher-kva.com\n",
+        expectedOutput: "Total found: 19\n\n\u4f0a\u662d\u5091@\u90f5\u4ef6.\u5546\u52d9\n\u093e\u092e@\u092e\u094b\u0939\u0928.\u0908\u0928\u094d\u092b\u094b\n\u044e\u0437\u0435\u0440@\u0435\u043a\u0437\u0430\u043c\u043f\u043b.\u043a\u043e\u043c\n\u03b8\u03c3\u03b5\u03c1@\u03b5\u03c7\u03b1\u03bc\u03c0\u03bb\u03b5.\u03c8\u03bf\u03bc\nJos\u1ec5Silv\u1ec5@googl\u1ec5.com\nJos\u1ec5Silv\u1ec5@google.com\nJos\u1ec5Silva@google.com\nFoO@BaR.CoM\njohn@192.168.10.100\ng\xf3mez@junk.br\nAbc.123@example.com\nuser+mailbox/department=shipping@example.com\n\u7528\u6237@\u4f8b\u5b50.\u5e7f\u544a\n\u0909\u092a\u092f\u094b\u0917\u0915\u0930\u094d\u0924\u093e@\u0909\u0926\u093e\u0939\u0930\u0923.\u0915\u0949\u092e\n\u044e\u0437\u0435\u0440@\u0435\u043a\u0437\u0430\u043c\u043f\u043b.\u043a\u043e\u043c\n\u03b8\u03c3\u03b5\u03c1@\u03b5\u03c7\u03b1\u03bc\u03c0\u03bb\u03b5.\u03c8\u03bf\u03bc\nD\xf6rte@S\xf6rensen.example.com\n\u0430\u0434\u0436\u0430\u0439@\u044d\u043a\u0437\u0430\u043c\u043f\u043b.\u0440\u0443\u0441\ntest@xn--bcher-kva.com",
         recipeConfig: [
             {
                 "op": "Extract email addresses",

package/tests/operations/tests/ParseTCP.mjs

@@ -0,0 +1,44 @@
+/**
+ * Parse TCP tests.
+ *
+ * @author n1474335
+ * @copyright Crown Copyright 2022
+ * @license Apache-2.0
+ */
+import TestRegister from "../../lib/TestRegister.mjs";
+
+TestRegister.addTests([
+    {
+        name: "Parse TCP: No options",
+        input: "c2eb0050a138132e70dc9fb9501804025ea70000",
+        expectedMatch: /1026 \(Scaled: 1026\)/,
+        recipeConfig: [
+            {
+                op: "Parse TCP",
+                args: ["Hex"],
+            }
+        ],
+    },
+    {
+        name: "Parse TCP: Options",
+        input: "c2eb0050a1380c1f000000008002faf080950000020405b40103030801010402",
+        expectedMatch: /1460/,
+        recipeConfig: [
+            {
+                op: "Parse TCP",
+                args: ["Hex"],
+            }
+        ],
+    },
+    {
+        name: "Parse TCP: Timestamps",
+        input: "9e90e11574d57b2c00000000a002ffffe5740000020405b40402080aa4e8c8f50000000001030308",
+        expectedMatch: /2766719221/,
+        recipeConfig: [
+            {
+                op: "Parse TCP",
+                args: ["Hex"],
+            }
+        ],
+    }
+]);

package/tests/operations/tests/ParseUDP.mjs

@@ -2,7 +2,6 @@
  * Parse UDP tests.
  *
  * @author h345983745
- *
  * @copyright Crown Copyright 2019
  * @license Apache-2.0
  */
@@ -12,15 +11,11 @@ TestRegister.addTests([
     {
         name: "Parse UDP: No Data - JSON",
         input: "04 89 00 35 00 2c 01 01",
-        expectedOutput: "{\"Source port\":1161,\"Destination port\":53,\"Length\":44,\"Checksum\":\"0101\"}",
+        expectedOutput: "{\"Source port\":1161,\"Destination port\":53,\"Length\":44,\"Checksum\":\"0x0101\"}",
         recipeConfig: [
-            {
-                op: "From Hex",
-                args: ["Auto"],
-            },
             {
                 op: "Parse UDP",
-                args: [],
+                args: ["Hex"],
             },
             {
                 op: "JSON Minify",
@@ -30,15 +25,11 @@ TestRegister.addTests([
     }, {
         name: "Parse UDP: With Data - JSON",
         input: "04 89 00 35 00 2c 01 01 02 02",
-        expectedOutput: "{\"Source port\":1161,\"Destination port\":53,\"Length\":44,\"Checksum\":\"0101\",\"Data\":\"0202\"}",
+        expectedOutput: "{\"Source port\":1161,\"Destination port\":53,\"Length\":44,\"Checksum\":\"0x0101\",\"Data\":\"0x0202\"}",
         recipeConfig: [
-            {
-                op: "From Hex",
-                args: ["Auto"],
-            },
             {
                 op: "Parse UDP",
-                args: [],
+                args: ["Hex"],
             },
             {
                 op: "JSON Minify",
@@ -51,13 +42,9 @@ TestRegister.addTests([
         input: "04 89 00",
         expectedOutput: "Need 8 bytes for a UDP Header",
         recipeConfig: [
-            {
-                op: "From Hex",
-                args: ["Auto"],
-            },
             {
                 op: "Parse UDP",
-                args: [],
+                args: ["Hex"],
             },
             {
                 op: "JSON Minify",