Free Tools
Security Tools
Free online tools for security testing, encoding, hashing, and analysis. No sign-up required.
Header Analyzer
CSP Generator
JWT Decoder
Hash Generator
Encoder/Decoder
Password Checker
SQL Injection Tester
Security Header Analyzer
Check if a website has proper security headers configured
Content Security Policy Generator
New
Generate a Content Security Policy (CSP) header to protect against XSS and data injection attacks
default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self'; connect-src 'self'; frame-src 'none'; object-src 'none'; base-uri 'self'; form-action 'self'; upgrade-insecure-requests
Usage: Add this as a Content-Security-Policy HTTP response header.
Test first with Content-Security-Policy-Report-Only to avoid breaking your site.
JWT Decoder
New
Decode and inspect JSON Web Tokens (JWT) — header, payload, and claims. Does NOT verify signatures client-side.
Hash Generator
Generate cryptographic hashes of text using various algorithms
Encoder / Decoder
Encode and decode text in various formats (Base64, URL, HTML, Hex)
Password Strength Checker
Check how strong your password is against common attack patterns
SQL Injection Pattern Tester
New
Test input strings for common SQL injection patterns. For educational purposes — use to validate your input sanitization.