Default Wi‑Fi Password Calculator - Online ISP Router Keygen
Enter a router's MAC address or serial and generate the common default WPA passphrase for major ISP brands. Educational purpose only.
UD5 Toolkit
Enter a router's MAC address or serial and generate the common default WPA passphrase for major ISP brands. Educational purpose only.
Check if a password appears in the Have I Been Pwned database using k‑Anonymity. Only the first 5 characters of the hash are sent.
Generate a hash showing how trackers can fingerprint your browser (canvas, WebGL, fonts). Educational and privacy‑aware.
Encrypt and decrypt messages using the classic Caesar cipher with configurable shift key. Fun for puzzles and basic cryptography lessons. Entirely browser-based.
Add a repeating diagonal text watermark to your images. Adjust opacity, font, and color. Protect your photos locally.
Build an iframe with different sandbox flags and see live which features are blocked. For secure embedding.
Create secure passwords that look like gibberish words but are easy to pronounce and remember. Mix of syllables. Local generation.
Find out the real destination of any shortened link (bit.ly, t.co, etc.) without clicking. Resolves redirects locally using public HTTP headers.
Protect your images by adding a text or image watermark. Adjust transparency, position, and rotation. All image processing is done locally; no upload to server.
Build a valid SPF TXT record by selecting mail servers, IPv4/IPv6 ranges, and includes. Validate syntax and get ready‑to‑publish output.
Generate ultra-secure, random passwords with configurable length and character sets. Created entirely on your device; never transmitted or stored.
Strip dangerous HTML tags and attributes (scripts, onclick) to prevent XSS attacks. Safe iframe preview. Local sanitation engine.
Evaluate the strength of your passwords with a visual meter and detailed feedback. Check for length, complexity, and breached passwords. All analysis is client-side.
Create random strings of any length using custom character sets. Perfect for generating API tokens, salts, and unique codes. Fully client-side secure.
Hide your email address from scrapers by encoding it using HTML entities and CSS tricks. Still clickable for real users. Local generator.
Decode the header and payload of a JSON Web Token (JWT) without verifying the signature. Inspect claims securely on the client side. Great for developers.
Create a strong, memorable password using 4 random common words. The famous xkcd method. Local wordlist.
Paste email headers or body text to quickly spot phishing signs, suspicious domains, and obfuscated links. Educational and private.
Obfuscate strings using simple techniques to prevent casual reading. Useful for hiding spoilers or email addresses from bots. Decode with the same tool.
Extract and view EXIF data from photos including camera settings, GPS location, and timestamps. All metadata read locally, your photos stay private.
Test a regular expression against malicious inputs to detect catastrophic backtracking and ReDoS vulnerabilities. Educational.
Check which cipher suites a website supports and identify weak or outdated ones. Quick security audit from your browser.
Fetch a site’s HSTS header and validate its syntax, max‑age, and subdomain flags. Ensure your site enforce HTTPS.
Evaluate password strength through a short interactive story where each character set adds lines to a narrative. Educational fun.
Generate Time‑based One‑Time Passwords locally by entering a base32 secret. Verify your authenticator setup without a phone.
Look at HTTP headers and JavaScript objects to guess which browser extensions might be installed. For awareness.
Type a password and see a bar that fills based on estimated bits of entropy. Color‑coded feedback. No storage.
Store passwords and notes encrypted with a master passphrase. Data lives only in your browser's localStorage. No cloud.
Generate encrypted passwords for .htaccess basic authentication. Create .htpasswd entries using bcrypt, MD5, or SHA. Server admin utility, local compute.
Generate strong random strings for API tokens, session secrets, or encryption keys. Uses crypto.getRandomValues().
Validate a DNSSEC chain by entering DS and RRSIG records. Verify that signatures match. Educational. Local algorithm.
Paste the Permissions‑Policy header and get a human‑readable table of allowed/blocked browser features. Understand how your site is restricted.
Apply a classic Caesar shift cipher with any key. Encrypt or decrypt text instantly. Brute force option included.
Create a repeating text pattern from a short string for watermarking documents or images. Download SVG pattern.
Instantly convert plain text into HTML‑safe escaped characters for secure display in web pages. Prevent cross‑site scripting. All processing local.
Compare your password against a built‑in list of the 10,000 most common passwords. Instant warning if it appears.
Hide a secret message inside a normal text using zero-width characters or invisible ink. Copy the result. Decode with the same tool.
Paste raw email headers and get a human-readable breakdown of the delivery route, authentication results, and delays. Private analysis.
Inspect any website's SSL/TLS certificate details: issuer, expiry date, subject, and SANs. Verify certificate chains. All checks are private and require no server upload.
Generate a standard otpauth:// URI and QR code for authenticator apps. Set issuer, account, and secret. All local.
Generate cryptographic and checksum hashes for any text string. Supports MD5, SHA-1, SHA-256, and CRC32. All hashing runs locally for maximum privacy.
Easily apply ROT13 cipher to obfuscate or reveal text. A classic letter substitution cipher that works bidirectionally. Purely client-side processing.
Drop a PDF and extract any embedded JavaScript or form actions. Check for malicious code. Privacy‑friendly analysis.
Enter a password and see the estimated time it would take to crack using brute force at different speeds. Educational.
Create a random long password that alternates consonants and vowels to mimic a pronounceable word. XKCD meets CVCV. Local.
Create a strong yet easy‑to‑remember passphrase from random common words. Combines 4‑6 words. Fully offline. XKCD compliant.
Paste text and instantly see if it contains hidden zero‑width characters often used in steganography. Reveal invisible payloads.
Escape HTML special characters to prevent XSS attacks, or unescape HTML entities back to original text. Essential for web developers. Runs locally.
Use the new Sanitizer API to safely insert raw HTML into the DOM. Blocks malicious tags. Experimental demo.
Encrypt and decrypt text using AES in the browser with a password. Uses Web Crypto API. No data sent to server.
Check if your site is cross‑origin isolated by examining the COOP and COEP headers. See if SharedArrayBuffer is available.
Hash passwords using the bcrypt algorithm with configurable cost factor. Also verify a password against a stored hash. All local.
Define minimum length, uppercase, digits, special chars, and check if a password meets your custom policy. Instant feedback.
Test SQL injection inputs on a mock database and see the resulting query. Learn how to prevent SQLi. No real data.
Generate cryptographic key pairs using the Web Crypto API. Export as JWK or raw. No server needed; pure security.
Paste a PEM/DER certificate and decode all fields: issuer, subject, validity, SANs, and fingerprint. Pure JavaScript parser.
Create an HMAC (Hash‑based Message Authentication Code) using SHA‑256 or SHA‑512 with a secret key. Verify data integrity. Local.
Generate cryptographically secure BIP39 mnemonic phrases (12 or 24 words) for HD wallet seeds. All entropy generated locally.
Enter a website and check which security headers (HSTS, CSP, X‑Frame‑Options) are present. Get a security grade.
Generate SHA‑3 and SHAKE hashes of any text with configurable output length. All local using js library.