Utilities

Tools

Developer, security, and SEO utilities. Client-side tools stay in your browser; server-side checks only inspect publicly accessible website data.

Client-side

Runs in your browser. No data sent.

18 tools

Password generator

Generate cryptographically secure passwords in your browser.

Client-side onlyPopular

Password strength checker

Estimate password strength locally without sending the password anywhere.

Client-side only

CSP generator

Generate a starter Content-Security-Policy header for modern websites.

Client-side onlyFeatured

Hash generator / verifier

Generate and verify MD5 and SHA hashes locally in your browser.

Client-side only

CSR generator

Create an OpenSSL CSR config and command without exposing private keys.

Client-side only

Certificate decoder

Decode public PEM certificate metadata locally in your browser.

Client-side only

Base64 encode / decode

Encode and decode Base64 with Unicode and URL-safe support.

Client-side only

Base64 image converter

Convert images to Base64 data URLs and preview Base64 images locally.

Client-side only

URL encoder / decoder

Percent-encode and decode URL components locally.

Client-side only

JSON formatter

Format, validate, and inspect JSON without sending it anywhere.

Client-side only

JSON to YAML

Convert JSON documents to YAML locally in your browser.

Client-side only

YAML to JSON

Convert YAML documents to formatted JSON locally in your browser.

Client-side only

JWT decoder / generator

Decode JWTs and generate HS256 test tokens locally in your browser.

Client-side only

Regex tester

Test regular expressions with live matches and groups.

Client-side only

UUID generator

Generate UUID v4 identifiers using the browser Web Crypto API.

Client-side only

Unix timestamp converter

Convert Unix timestamps to ISO dates and back.

Client-side only

Cron expression parser

Parse cron expressions and preview upcoming run times.

Client-side only

Robots.txt generator

Generate a starter robots.txt file with sitemap and crawl rules.

Client-side only

Public website checks

Validated public HTTPS targets only. No intrusive scanning.

6 tools