// library
Security micro-tools
Hardened, self-contained, no external dependencies. Each enforces security headers, input validation, rate limiting, and logging.
JWT Security Auditor
Deep audit of a JSON Web Token: alg=none / alg-confusion, kid/jku/x5u header-injection surface, missing or over-long expiry, and sensitive data leaked into the payload. 100% offline; token never stored, logged, or signature-checked.
Phishing URL & Homograph Analyzer
Deconstruct a suspicious link and score homograph (IDN/punycode), look-alike TLD, "@" credential trick, raw-IP/hex host, and brand-impersonation risk. Static and offline — never visits or stores the URL. Accepts defanged input.
Typosquat & Lookalike Domain Finder
Brand-protection generator: produces the look-alike domains attackers register (homoglyphs, typos, hyphenation, TLD swaps, combo-squats) each scored for deceptiveness. Offline generation; no domain is contacted, nothing stored.
Sensitive Data Exposure Classifier
Scan text/logs/JSON for PII, PHI, payment data, and leaked secrets, mapped to GDPR/PCI-DSS/HIPAA exposure with a remediation checklist. Cards are Luhn-validated; matches masked; 100% offline; nothing stored or logged.
Ransomware Readiness Assessment
Weighted control self-assessment (CISA #StopRansomware / NIST CSF aligned) producing a readiness score, residual blast-radius estimate, and prioritised gap list. Answers scored in-memory only; never stored or logged.
AI Config Hardening Auditor
CIS-aligned hardening review of sshd, nginx/Apache, Dockerfile, compose, .env, Kubernetes, IAM, or CSP. Powered by Claude with an offline fallback. Config never stored.
Secret / Credential Leak Scanner
Detect exposed API keys, tokens, private keys, and passwords in pasted code/config. Matches are masked; 100% offline; nothing stored or logged.
SHA-256 / Hash Generator
Generate MD5/SHA-1/SHA-256/SHA-512 digests and HMACs for text.
Password Entropy Analyzer
Estimate password strength, entropy bits, and crack time.
Local Port Scanner (safe)
Non-invasive TCP connect check of this server's own common ports.
Log Anomaly Detector
Heuristic analysis of pasted logs for attacks and anomalies.
IP Reputation Checker
Classify an IP and query public DNSBL blocklists.
HTTP Security Header Checker
Grade a public site's HTTP security headers (SSRF-guarded).
NVD CVE Lookup + Mitigation
Lookup CVE details from the public NVD CVE 2.0 API and produce defensive remediation guidance.
CISA KEV Exploitation Checker
Check whether a CVE appears in CISA Known Exploited Vulnerabilities and show required action.
Domain DNS Security Auditor
Review SPF, DMARC, MX, NS, and TXT records for basic domain security posture.
Email Header Phishing Analyzer
Analyze pasted email headers for SPF/DKIM/DMARC results, routing anomalies, and phishing indicators.
Sigma Detection Rule Builder
Generate defensive Sigma-style detection logic from event fields without creating offensive code.
MITRE ATT&CK Technique Mapper
Map defensive observations to common MITRE ATT&CK tactics and mitigation ideas.
Published instances
| Title | Tool | Hosted URL | Views | Created |
|---|---|---|---|---|
| Webhook Attack Finder | dynamic_spec | /tool.php?id=1008 | 10 | 2026-06-30 |