Tools
JSON Parse & Filter
This tool acts like an in-browser version of the jq tool for filtering JSON. All processing is done client-side.
Password Word List Generator
Tool for generating a word list of password candidates based off of a seed word. The output list can be used as a word list in tools like hashcat with rules to crack hashes. All processing is done client-side.
JWT Fuzzer
This tool generates fuzzing payloads based on a JWT given as input. The payloads are designed to test common JWT issues and bypasses, as well as attempt to cause server errors via invalid and missing values.
Sequential Payload Generator
This tool generates a list of sequential payloads starting and ending at the specified numbers. These values can be arbitrarily large and outputted as integers, HEX values, or base64 encoded strings.
Web App Checklist
This page is an interactive tool of this page. It gives you the ability to create a new project and tick off each check that you have performed. All the data and processing is done client-side.
BaseN Converter
This tool can convert from UTF-8 strings to BaseN. It can also convert from BaseN to UTF-8 or HEX.
XOR Encryption Cracker
This is a tool for breaking the encryption of messages that have been XOR encrypted using a repeated key. This tool uses statistics (letter frequencies and use of common words, bigrams, and trigrams) to find the most likely key length and and key. This works best for longer cipher-texts.
API Fuzzing Payloads
This tools contains a lists of payloads that may be useful when performing fuzzing attacks. This includes things like CR-LF, Interesting Files, Bad Strings, & JSON Parameter fuzzing.