Security & Cryptography Tools for Privacy-Conscious Users
Worried about your passwords? Test their strength with entropy analysis, generate cryptographic hashes with MD5/SHA-256/SHA-512, and explore classical ciphers like Caesar — all running 100% locally in your browser. No data leaves your device.
Protect your digital life with tools that never touch a server. Test password strength, generate cryptographic hashes, and explore classical ciphers — all running locally in your browser with zero data transmission. Privacy-first security utilities for developers and everyone.
Encrypt and Decrypt with AES
Encrypt and decrypt text using AES-CBC or AES-GCM directly in your browser with the Web Crypto API.
Encode and Decode Base58
Encode text to Base58 and decode Base58 back to text using the Bitcoin alphabet.
Bcrypt Hash Generator
Generate and verify bcrypt password hashes securely in your browser.
Caesar Cipher
Encrypt and decrypt text using the Caesar cipher with a customizable shift value.
Configure CORS Headers
Generate Cross-Origin Resource Sharing configurations for Express.js, Nginx, Apache, Fetch API, Spring Boot, Django, and Laravel.
Build Content Security Policy
Generate CSP headers interactively with all directives, presets, and output for HTTP headers, meta tags, Nginx, Apache, and Express.
Hash Generator
Generate MD5, SHA-1, SHA-256, and SHA-512 hashes from any text input instantly.
Morse Code Encoder/Decoder
Encode text to Morse code and decode Morse code back to text instantly.
Password Strength Tester
Test and analyze the strength of any password with entropy calculation and detailed feedback.
Check Pwned Passwords
Check if your password has been exposed in known data breaches using the Have I Been Pwned API with k-anonymity protection.
Random Token Generator
Generate cryptographically secure random tokens and secrets instantly.
Generate RSA Key Pairs
Generate secure RSA public and private key pairs in PEM format.
Generate Security Headers
Configure and generate HTTP security headers with a security grade score. Export for Nginx, Apache, and Express.js.
Split Secrets with Shamir's Scheme
Split a secret into N shares and reconstruct it with any K shares using Shamir's Secret Sharing over GF(256).
Decode SSL/TLS Certificates
Parse and inspect PEM-encoded X.509 certificates. View subject, issuer, validity, serial number, signature algorithm, and public key details.
Hide Text in Images with Steganography
Hide secret messages inside images using LSB steganography. Extract hidden text from stego images. All processing happens in your browser.
Vigenere Cipher
Encrypt and decrypt text using the Vigenere cipher with a keyword.
Select the security utility
Password strength testers, hash generators, encryption tools, classical cipher explorers: each tool addresses a different aspect of digital security. Pick based on whether you are creating, verifying, or learning.
Input your data
Paste the password, text, or hash you want to work with. Everything stays in your browser; no data is transmitted. This is critical for security tools because sending passwords to a server would defeat the entire purpose.
Interpret the results
Password testers show strength scores and specific weaknesses. Hash generators produce hex or Base64 digests. Cipher tools encrypt and decrypt with the key you provide. Read the explanations alongside the output.
Apply what you learned
Use stronger passwords, verify file integrity with hashes, or understand how classical ciphers work for academic purposes. These tools are educational as much as they are practical.
Developers Implementing Authentication
When you are building a login system, testing password strength before storing hashes is a basic best practice. Our strength tester evaluates entropy, common patterns, and dictionary attacks. Use it to validate your password policy before users hit it.
Students Learning Cryptography
Caesar ciphers, Vigenere ciphers, and other classical encryption methods are the foundation of cryptography courses. Our interactive tools let you encrypt and decrypt text while seeing how each step transforms the input. It makes abstract algorithms concrete.
Anyone Verifying File Integrity
Downloaded a file and want to check it has not been tampered with? Generate its SHA-256 hash and compare it to the one published by the source. Our tool runs the hash locally so the file contents are never exposed to a third party.
| Tool | Best For |
|---|---|
| Encrypt and Decrypt with AES | Encrypt and decrypt text using AES-CBC or AES-GCM directly in your browser with the Web Crypto API. |
| Encode and Decode Base58 | Encode text to Base58 and decode Base58 back to text using the Bitcoin alphabet. |
| Bcrypt Hash Generator | Generate and verify bcrypt password hashes securely in your browser. |
| Caesar Cipher | Encrypt and decrypt text using the Caesar cipher with a customizable shift value. |
| Configure CORS Headers | Generate Cross-Origin Resource Sharing configurations for Express.js, Nginx, Apache, Fetch API, Spring Boot, Django, and Laravel. |
| Build Content Security Policy | Generate CSP headers interactively with all directives, presets, and output for HTTP headers, meta tags, Nginx, Apache, and Express. |
| Hash Generator | Generate MD5, SHA-1, SHA-256, and SHA-512 hashes from any text input instantly. |
| Morse Code Encoder/Decoder | Encode text to Morse code and decode Morse code back to text instantly. |
| Password Strength Tester | Test and analyze the strength of any password with entropy calculation and detailed feedback. |
| Check Pwned Passwords | Check if your password has been exposed in known data breaches using the Have I Been Pwned API with k-anonymity protection. |
| Random Token Generator | Generate cryptographically secure random tokens and secrets instantly. |
| Generate RSA Key Pairs | Generate secure RSA public and private key pairs in PEM format. |
| Generate Security Headers | Configure and generate HTTP security headers with a security grade score. Export for Nginx, Apache, and Express.js. |
| Split Secrets with Shamir's Scheme | Split a secret into N shares and reconstruct it with any K shares using Shamir's Secret Sharing over GF(256). |
| Decode SSL/TLS Certificates | Parse and inspect PEM-encoded X.509 certificates. View subject, issuer, validity, serial number, signature algorithm, and public key details. |
| Hide Text in Images with Steganography | Hide secret messages inside images using LSB steganography. Extract hidden text from stego images. All processing happens in your browser. |
| Vigenere Cipher | Encrypt and decrypt text using the Vigenere cipher with a keyword. |
Yes; all security tools are free with no registration.
Yes. The password strength tester runs entirely in your browser. Your password is never transmitted to any server. Not even a hash of it. The analysis uses local dictionaries and pattern matching; nothing leaves your device.
MD5, SHA-1, SHA-256, and SHA-512. For security purposes, use SHA-256 or SHA-512. MD5 and SHA-1 are provided for legacy verification but should not be used for new security implementations.
No. Hashing is a one-way function by design. If you could reverse a hash, it would not be useful for security. Our tool generates hashes; it does not crack them.
The classical ciphers (Caesar, Vigenere) are educational tools. They are trivially breakable by modern standards and should never be used for actual secret communication. For real encryption, use TLS, AES, or other modern protocols.
Yes. Upload or paste the file content, generate the hash, and compare it to the expected checksum. This verifies that the file has not been modified since the original hash was published.
No. We do not have a database for user data. There is no account system, no logging, and no analytics on tool inputs. The tools are static JavaScript running in your browser.
Encode and Decode Base58
Encode text to Base58 and decode Base58 back to text using the Bitcoin alphabet.
Configure CORS Headers
Generate Cross-Origin Resource Sharing configurations for Express.js, Nginx, Apache, Fetch API, Spring Boot, Django, and Laravel.
Build Content Security Policy
Generate CSP headers interactively with all directives, presets, and output for HTTP headers, meta tags, Nginx, Apache, and Express.
Missing something?
Tell us what tool you're looking for and we'll build it for you. We love new ideas!