Interactive Tools
Client-side utilities for penetration testing. All calculations happen in your browser - no data is sent to any server.
CVSS Calculator
Calculate CVSS v3.1 scores for vulnerability severity assessment.
Data Exfiltration
Generate exfiltration commands for various protocols (HTTP, DNS, ICMP).
DNS & Email Security
DNS lookups and email security analysis (SPF, DKIM, DMARC).
Encoder/Decoder
Encode and decode Base64, Hex, URL, and other formats.
Findings Library
Copy-paste ready findings for pentest reports with remediation guidance.
Google Dork Builder
Build advanced Google search queries for OSINT and vulnerability discovery.
Hash Generator
Generate MD5, SHA1, SHA256, NTLM hashes and identify hash types.
IOC Fang/Defang
Safely defang and refang URLs, IPs, domains for sharing IOCs.
JWT Decoder
Decode and inspect JWT tokens - header, payload, and signature.
MAC Address Analyzer
Lookup MAC address vendors, convert formats, validate addresses.
Nmap Builder
Visually build complex Nmap scan commands with timing and scripts.
Password Generator
Generate secure random passwords with customizable rules.
Port Reference
Common ports lookup with service info and attack notes.
Report Builder
Build professional pentest reports with findings management, CVSS scoring, and export to Markdown or JSON.
Reverse Shell Generator
Generate reverse shell payloads for Bash, Python, PowerShell, and more.
STRIDE Threat Modeler
Interactive threat modeling with STRIDE/DREAD, smart suggestions, and report generation.
Subnet Calculator
Calculate network addresses, broadcast, usable hosts, and CIDR notation.
Timestamp Converter
Convert between Unix timestamps and human-readable dates.
Web Payload Builder
Generate SQLi, SSTI, SSRF, and command injection payloads for multiple platforms.
XSS Payload Generator
Generate context-aware XSS payloads with encoding and WAF bypass options.
Attack Tree Builder
Visual attack path planning with AND/OR gates, difficulty scoring, and export.
Playbook Builder
Create and manage operational playbooks for engagements with task tracking and evidence collection.
Vendor Risk Assessment
Evaluate third-party security posture with pre-built compliance frameworks and custom questionnaires.