Security & crypto tools
Hashes, ciphers, JWTs, passwords, keys and threat-intel helpers — everything runs offline in your browser.
AES cipher
Encrypt or decrypt text with AES in CBC, CTR, GCM or ECB mode and 128/192/256-bit keys, with hex/base64 I/O — in your browser. Nothing is uploaded.
AES Key Wrap
Wrap and unwrap cryptographic keys with AES Key Wrap (KW / RFC 3394, KWP / RFC 5649) using a 128/192/256-bit KEK — hex or base64, free and in-browser.
Argon2 hash
Hash a password with Argon2id (configurable memory, iterations, parallelism) and get a PHC string, or verify a password — in your browser. Nothing is uploaded.
ASN.1 / DER parser
Parse an ASN.1 / DER hex string into a readable tree of tags, lengths, OIDs and values — free, in your browser. Inspect X.509 certificates, keys and CSRs.
Bcrypt hash
Hash a password with bcrypt at a chosen cost and get a $2b$ hash string, or verify a password against an existing bcrypt hash — in your browser. Nothing is uploaded.
BIP39 Mnemonic Seed Phrase Generator
Generate a BIP39 mnemonic seed phrase (12–24 words) with checksum and derived 512-bit seed, entirely in your browser. Optional passphrase. Free and private.
Blowfish cipher
Encrypt or decrypt data with the Blowfish cipher in ECB or CBC mode, with hex/base64 I/O — in your browser. Variable 4–56 byte key. Nothing is uploaded.
ChaCha20 cipher
Encrypt or decrypt text with ChaCha20 or ChaCha20-Poly1305 AEAD (RFC 8439) in your browser — 32-byte key, 12-byte nonce, hex/base64 I/O. Nothing is uploaded.
CipherSaber-2 cipher
Encrypt and decrypt CipherSaber-2 (RC4 with a 10-byte IV and repeated key setup) in your browser — hex or base64 output. Free, private, nothing uploaded.
Classical Cipher Tool
Encrypt and decrypt Caesar, Vigenère, Atbash, and rail-fence ciphers in your browser, with a Caesar brute-force listing all 26 shifts. Free and private.
AES-CMAC Generator
Generate an AES-CMAC (NIST SP 800-38B / RFC 4493) of any message and key in your browser — AES-128/192/256 by key length, hex or base64 output. Free and private.
DES cipher
Encrypt or decrypt data with single DES in ECB or CBC mode, with hex/base64 I/O — in your browser. For legacy interop. Nothing is uploaded.
ECDSA sign
Sign a message with an ECDSA private key (NIST P-256 or P-384) and get a DER or raw r||s signature in base64 and hex, in your browser. Nothing is uploaded.
EVP_BytesToKey — OpenSSL key & IV derivation
Reproduce OpenSSL's EVP_BytesToKey key and IV derivation from a password and salt (MD5, SHA-1, SHA-256, SHA-512) — free and entirely in your browser.
Extract Hashes
Pull every MD5, SHA-1, SHA-256 and SHA-512 hash out of any text, grouped by algorithm and deduplicated — in your browser. Nothing is uploaded.
Fernet token tool
Create and read Fernet tokens (AES-128-CBC + HMAC-SHA256) in your browser: generate a key, encrypt to a url-safe token, decrypt with optional TTL. No upload.
HOTP generator
Generate counter-based one-time (HOTP, RFC 4226) codes from a base32 secret and a counter, in your browser. The secret never leaves your device.
GOST Kuznyechik cipher
Encrypt or decrypt text with the GOST Kuznyechik cipher (GOST R 34.12-2015) in CBC, CTR, CFB, OFB or ECB mode — 256-bit key, hex/base64 I/O, in your browser.
GOST Magma cipher
Encrypt or decrypt text with the GOST 28147-89 Magma 64-bit block cipher — ECB or CBC, 256-bit key, hex or base64 — free and entirely in your browser.
Hash All Generator
Hash text with every common algorithm at once — MD5, SHA-1, SHA-256/512, SHA-3, BLAKE3, RIPEMD-160, CRC-32 and more — free and private in your browser.
Hash Identifier
Paste a hash and instantly identify its likely algorithm — bcrypt, Argon2, MD5, SHA-1/256/512, NTLM, sha512crypt, PHPass and more. Runs entirely in your browser.
Text Hash Generator
Generate MD5, SHA-1, SHA-256/512, SHA-3, BLAKE2 or BLAKE3 hashes of any text in your browser, with hex or base64 output. Free, private, nothing uploaded.
HKDF key derivation
Derive keys with HKDF, the HMAC-based extract-and-expand KDF from RFC 5869 — choose hash, salt, info label, length and hex/base64 output, all in your browser.
HMAC Generator
Generate an HMAC of any message and secret key in your browser — HMAC-SHA256, SHA-1, SHA-512, SHA-3 or MD5, hex or base64 output. Free and private.
Index of Coincidence Calculator
Calculate the Index of Coincidence (IC) of any text — spot monoalphabetic vs polyalphabetic ciphers and estimate a Vigenère key length. Free, in your browser.
Defang / Refang IOCs
Defang or refang IOCs in your browser: turn http://evil.com into hxxp[://]evil[.]com so URLs, IPs, domains and emails are safe to share. Free, private.
IOC Extractor
Extract IOCs from threat reports in your browser — IPs, URLs, domains, emails, MD5/SHA hashes — with defanged (hxxp, [.]) input support. Free, private, no sign-up.
JA3 Fingerprint Calculator
Compute the JA3 and JA3N fingerprints (string + MD5 hash) of a TLS ClientHello from pasted hex, GREASE removed — free and local in your browser.
JA4S Fingerprint Calculator
Compute a JA4S server fingerprint from a TLS ServerHello in hex — the JA4+ server hash of version, ALPN, cipher, and extensions. Nothing is uploaded.
JWK Thumbprint
Compute the RFC 7638 SHA-256 thumbprint of a JSON Web Key — the canonical kid — in your browser. Supports RSA, EC, OKP, and oct keys. Nothing is uploaded.
JWT decode
Decode any compact JSON Web Token (JWT) offline to inspect its header, payload claims, signature, and time-based validations. No data leaves your device.
JWT sign
Sign a JSON Web Token (JWT) from a payload with HS256/384/512, RS256/384/512 or ES256/384 in your browser. The secret and key never leave your device.
JWT verify
Verify a JWT signature (HS256/384/512, RS256/384/512, ES256/384) and its exp, nbf, iss and aud claims in your browser — token and key never leave your device.
Keccak-256 Hash Generator
Compute the original Keccak-256 or Keccak-512 hash of any text in your browser — the exact hash Ethereum uses, not FIPS SHA-3. Free and private.
Luhn Check Digit Calculator
Compute the Luhn (mod-10) check digit for a partial number and get the completed, valid number — instantly, in your browser. Nothing is uploaded, free.
Luhn Validator
Validate a credit card, IMEI, or any number against the Luhn check-digit algorithm — instantly, in your browser. Nothing is uploaded, free.
LZNT1 Decompress
Decompress LZNT1 (Windows RtlCompressBuffer) blobs from hex or Base64 in your browser — registry hives, hiberfil, malware configs. Free, private, no sign-up.
NT / NTLM Hash Generator
Generate the NT (NTLM) hash of a password — MD4 of its UTF-16LE encoding — instantly in your browser. Hex or base64 output. Free, private, nothing uploaded.
otpauth:// URI generator
Build an otpauth:// provisioning URI (TOTP/HOTP) from an issuer, account, and base32 secret to set up any authenticator app. The secret stays in your browser.
Password Strength Checker
Estimate a password's entropy in bits and crack time, and flag weaknesses — entirely in your browser. Your password is never sent anywhere, free.
Password Generator
Generate strong random passwords or passphrases with configurable length, character sets, and word count — entirely in your browser, nothing uploaded, free.
PBKDF2 key derivation
Derive a key from a password with PBKDF2-HMAC (SHA-1/256/512). Pick iterations, salt, length and hex/base64 output — all in your browser. Nothing is uploaded.
PEM ⇄ DER Converter
Convert keys, certificates and CSRs between PEM (base64 text) and DER (binary, shown as hex or base64) in either direction. Runs in your browser, nothing uploaded, free.
Extract Public Key from a Private Key
Derive the public key from an RSA, EC (P-256/P-384) or Ed25519 private key as a PEM public-key block. Free, in your browser — nothing is uploaded.
PEM → JWK converter
Convert a PEM-encoded RSA or EC key into a JSON Web Key (JWK), in your browser. Nothing is uploaded.
PGP key info
Inspect an ASCII-armored PGP public or private key locally: fingerprint, key ID, algorithm, user IDs, dates, and subkeys.
PGP verify
Verify a PGP signature online — detached or clearsigned — against a message and public key; reports validity and signer key ID. Runs in your browser.
Rabbit cipher
Encrypt or decrypt text with the Rabbit stream cipher (RFC 4503 / eSTREAM) — 128-bit key, optional 64-bit IV, hex or base64. Free, in-browser, no upload.
Random Token Generator
Generate cryptographically secure random tokens, API keys, and secrets with a configurable length and character set — entirely in your browser, nothing uploaded, free.
RC2 cipher
Encrypt or decrypt with the RC2 block cipher (RFC 2268) in ECB or CBC mode, configurable effective key bits, hex or Base64 output — in your browser.
RC4 cipher
Encrypt or decrypt text with the RC4 stream cipher — optional drop-N to skip weak keystream bytes, hex or base64 output — free and in your browser.
RC6 cipher
Encrypt or decrypt data with RC6-32/20 in ECB or CBC mode with hex/base64 I/O — in your browser. For interop, learning, and CTFs. Nothing is uploaded.
Redact PII
Detect and redact PII (emails, phone numbers, IPs, credit-card and SSN numbers) in text, in your browser. Nothing is uploaded.
RSA encrypt
Encrypt a short message to an RSA public key (OAEP or PKCS#1 v1.5, SHA-256/384/512) and get base64 ciphertext, in your browser. Nothing is uploaded.
RSA sign
Sign a message with an RSA private key (PKCS#1 v1.5 or PSS, SHA-256/384/512) and get a base64 signature, in your browser. Nothing is uploaded.
RSA verify
Verify an RSA signature (PKCS#1 v1.5 or PSS, SHA-256/384/512) over a message against an RSA public key, in your browser. Nothing is uploaded.
SafeLink Decoder
Decode Outlook SafeLinks, Proofpoint URLDefense (v2/v3), Google redirects and ?url= wrappers to reveal the real destination. In-browser, no fetch, free.
Salsa20 cipher
Encrypt and decrypt with the Salsa20 stream cipher in your browser — 16/32-byte key, 8-byte nonce, hex or base64 output. Free, private, nothing uploaded.
scrypt key derivation
Derive a key from a password with the scrypt memory-hard KDF (RFC 7914). Set N, r, p, salt and hex/base64 output — free and fully in-browser.
SHA-1 Hash Generator
Generate a SHA-1 hash of any text in your browser — hex or base64 output, uppercase option, hex/base64 input decoding. Free, private, nothing uploaded.
SHA-256 Hash Generator
Generate a SHA-256 (SHA-2) hash of any text instantly in your browser — hex or base64 output, uppercase option. Free, private, nothing is uploaded.
SHA-3 Hash Generator
Compute the FIPS-202 SHA-3 hash (SHA3-256/384/512) of any text in your browser — the NIST standard, not Keccak. Hex or base64 output. Free, private, no sign-up.
SM2 public key from private key
Derive an SM2 public key from a private key (GM/T 0003, curve sm2p256v1) — hex scalar or PKCS#8 PEM in, SEC1 hex and SPKI PEM out. In-browser, no upload.
SM4 cipher
Encrypt or decrypt data with the SM4 block cipher (GB/T 32907) in ECB or CBC mode, with hex/base64 I/O — in your browser. 128-bit key. Nothing is uploaded.
Get the SSH Public Key from a Private Key
Derive the OpenSSH public key (id_*.pub line) from an RSA, ECDSA (P-256/P-384) or Ed25519 private key. Runs in your browser, nothing uploaded, free.
Text encrypt
Encrypt or decrypt text with a passphrase using AES-256-GCM, in your browser. Get a copy-pasteable token. Nothing is uploaded.
TOTP generator
Generate time-based one-time (2FA) codes from a TOTP secret, in your browser. The secret never leaves your device.
Checksum Verifier
Verify text or data against an expected checksum — auto-detects MD5, SHA-1, SHA-256, SHA-3, BLAKE2 or BLAKE3 from digest length. Free, private, in-browser.
XOR cipher
XOR text, hex, or Base64 data against a repeating key and output hex, Base64, or UTF-8. Symmetric encrypt/decrypt in your browser.
