Tools
Build payloads, map attack paths, draft reports, inspect data, and reach for niche utilities from one catalog. Every tool here stays browser-side unless the target route explicitly leaves the tools section.
Browse By Category
Each lane gets its own landing page, so you can stay inside the task you are doing instead of bouncing through unrelated utilities.
Command Assembly
Builders
Payload generators, scan composers, and operator workflow builders for faster setup and repeatable execution.
Threat Design
Modeling
Planning surfaces for attack paths, STRIDE analysis, and engagement playbooks before you touch production.
Delivery
Reporting
Findings, scoring, and report composition assets that shorten the path from test notes to client-ready output.
Decode And Inspect
Analysis
Decoders, converters, lookups, and protocol references for interpreting evidence and validating assumptions.
Niche Workflows
Specialized
Purpose-built utilities for privacy, biometrics, exfiltration planning, and adjacent operator tasks.
Visual Planning
Diagrams
Diagram-first tooling for mapping attack logic and system relationships in a format teams can review quickly.
Full Catalog
Browse the full inventory here, or jump into a category when you already know what you need.
Command Assembly
Builders
Payload generators, scan composers, and operator workflow builders for faster setup and repeatable execution.
Nmap Builder
Build Nmap command lines with scan types, timing, targets, and NSE options.
Password Generator
Generate strong random passwords with tunable length and character policies.
Reverse Shell Generator
Generate reverse shell payloads for Bash, Python, PowerShell, PHP, and more.
Web Payload Builder
Generate SQLi, SSTI, SSRF, and command-injection payloads across common stacks.
XSS Payload Generator
Generate context-aware XSS payloads with encoding and bypass variants.
Threat Design
Modeling
Planning surfaces for attack paths, STRIDE analysis, and engagement playbooks before you touch production.
Delivery
Reporting
Findings, scoring, and report composition assets that shorten the path from test notes to client-ready output.
Decode And Inspect
Analysis
Decoders, converters, lookups, and protocol references for interpreting evidence and validating assumptions.
DNS & Email Security
DNS lookups and email security analysis for SPF, DKIM, DMARC, BIMI, MTA-STS, TLS-RPT, and DANE.
Encoder/Decoder
Encode and decode Base64, Hex, URL, and other common investigation formats.
Google Dork Builder
Assemble focused Google dorks for OSINT collection and exposure discovery.
Hash Generator
Generate MD5, SHA1, SHA256, and NTLM hashes and quickly identify hash types.
IOC Fang/Defang
Safely defang and refang URLs, IPs, and domains before sharing indicators.
JWT Decoder
Decode and inspect JWT headers, claims, and signature segments during auth testing.
MAC Address Analyzer
Lookup MAC vendors, normalize address formats, and validate identifiers.
Port Reference
Look up common ports with service context, operator notes, and attack relevance.
Subnet Calculator
Calculate network addresses, broadcast ranges, usable hosts, and CIDR boundaries.
Timestamp Converter
Convert Unix timestamps to human-readable dates and back during investigations.
Niche Workflows
Specialized
Purpose-built utilities for privacy, biometrics, exfiltration planning, and adjacent operator tasks.
Data Exfiltration
Generate exfiltration commands for various protocols, including HTTP, DNS, and ICMP.
Azure Baseline Explorer
Search, compare, and export Microsoft Cloud Security Benchmark mappings for core Azure services.
Biometric Defense Evaluator
Test facial recognition, voice, and gait-analysis countermeasures with in-browser models.
EXIF Scrubber
Inspect and strip metadata such as GPS, device, timestamp, and capture information.
Visual Planning
Diagrams
Diagram-first tooling for mapping attack logic and system relationships in a format teams can review quickly.