Regex Injection / ReDoS Tester - Online Safe Pattern Test
Test a regular expression against malicious inputs to detect catastrophic backtracking and ReDoS vulnerabilities. Educational.
UD5 Toolkit
Online XSS Prevention Sandbox & Security Playground
Test a regular expression against malicious inputs to detect catastrophic backtracking and ReDoS vulnerabilities. Educational.
Drop a PDF and extract any embedded JavaScript or form actions. Check for malicious code. Privacy‑friendly analysis.
Configure how your PWA launches: focus existing or create new. Test with the launch_handler manifest field.
Build a horizontal scroll‑snap container with configurable snap‑type and alignment. Perfect for image galleries.
Compare all CSS easing presets side by side on a bouncing ball. See which curve fits your UI animation.
Query the permission state of camera, microphone, geolocation, and more. See the response and learn the API.
Process audio faster than real‑time with OfflineAudioContext. Apply filters and export the result. Dev tool.
Drop files onto a zone and see a preview with name, size, and type. Copy the JavaScript pattern for your site.
Demonstrate how to add custom headers and POST‑like functionality to EventSource using a polyfill. Code and example.
Scroll a container and see how sticky elements behave. Adjust top, bottom, and scroll margins. Copy the code.
Render the classic Stanford Bunny with a basic WebGPU pipeline. Rotate and zoom. Check if your browser supports WebGPU.
See how scroll‑padding and scroll‑margin affect the position of elements when using anchor links or scroll‑snap. Visual.
Test the experimental Translation API to translate text between languages directly in the browser, without cloud calls. Check support and copy the JavaScript starter.
Validate a DNSSEC chain by entering DS and RRSIG records. Verify that signatures match. Educational. Local algorithm.
Paste the Permissions‑Policy header and get a human‑readable table of allowed/blocked browser features. Understand how your site is restricted.
Apply a convolution filter (blur, sharpen) using a Web Worker. See the UI stay responsive while processing. Learn multithreading in the browser.
Toggle scrollbar‑gutter: stable to reserve space for the scrollbar and avoid content jumps. Visual demo with two columns.
Acquire and release locks across tabs. Prevent race conditions in IndexedDB or localStorage. Visual queue and lock state.
Register a periodic background sync to fetch fresh data even when the tab is closed. Understand the API and limits.
Fetch a site’s HSTS header and validate its syntax, max‑age, and subdomain flags. Ensure your site enforce HTTPS.
Test the Fullscreen API: request fullscreen on a colored div, detect changes, and copy the JavaScript boilerplate.
See the View Transitions API in action. Cross‑fade and morph between two states. Copy the JavaScript starter code.
Build an iframe with different sandbox flags and see live which features are blocked. For secure embedding.
Instantly convert plain text into HTML‑safe escaped characters for secure display in web pages. Prevent cross‑site scripting. All processing local.
Find safe mixing ratios for the classic elephant toothpaste demonstration. Volume adjustments for different container sizes.
Strip dangerous HTML tags and attributes (scripts, onclick) to prevent XSS attacks. Safe iframe preview. Local sanitation engine.
Paste email headers or body text to quickly spot phishing signs, suspicious domains, and obfuscated links. Educational and private.
Escape HTML special characters to prevent XSS attacks, or unescape HTML entities back to original text. Essential for web developers. Runs locally.
Evaluate the strength of your passwords with a visual meter and detailed feedback. Check for length, complexity, and breached passwords. All analysis is client-side.
Generate ultra-secure, random passwords with configurable length and character sets. Created entirely on your device; never transmitted or stored.