Security & Crypto Tools

ā† Back to All Tools

šŸ” Security & Crypto

Hashing, token inspection, password tools, key generation, and more.

šŸ”‘ Hash Generator (MD5, SHA-1, SHA-256, SHA-512)

Hashes will appear here…
Usage Guide

What it does

Computes MD5, SHA-1, SHA-256, and SHA-512 hashes of any input text using the Web Crypto API.

How to use

  • Paste or type text ā†’ click Hash All
  • All four hash algorithms are computed simultaneously

Sample Input

Hello, World!

Sample Output

MD5:    65a8e27d8879283831b664bd8b7f0ad4
SHA-1:  943a702d06f34599aee1f8da8ef9f7296031d699
SHA-256: dffd6021bb2bd5b0af676290809ec3a5...
SHA-512: 374d794a95cdcfd8b35993185fef9ba3...

Real-World Use Cases

  • Verifying file integrity (compare checksums)
  • Generating hash IDs for caching/deduplication
  • Validating API payload signatures

šŸŽ« JWT Decoder

Decoded JWT will appear here…
Usage Guide

What it does

Decodes a JSON Web Token (JWT) and displays the header and payload. Also shows token expiration status.

How to use

  • Paste a JWT (three base64 parts separated by dots) ā†’ click Decode
  • The header shows the algorithm, the payload shows the claims

Sample JWT

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.
eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6
IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIy
fQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV
_adQssw5c

Real-World Use Cases

  • Debugging OAuth/OIDC authentication flows
  • Verifying JWT claims (roles, permissions, expiration)
  • Inspecting tokens from Azure AD, Auth0, or Firebase

šŸ†” UUID Generator

Count
Version
UUIDs will appear here…
Usage Guide

What it does

Generates RFC 4122 compliant UUID v4 (random) identifiers.

How to use

  • Set the count (1ā€“100) ā†’ click Generate

Sample Output

f47ac10b-58cc-4372-a567-0e02b2c3d479
6ba7b810-9dad-41d4-80b5-fc0098000000
a1b2c3d4-e5f6-4789-abcd-ef0123456789

Real-World Use Cases

  • Generating primary keys for databases (Cosmos DB, DynamoDB)
  • Creating correlation IDs for distributed tracing
  • Unique identifiers for API resources, sessions, events

šŸ”’ Password Generator

Length
Passwords will appear here…
Usage Guide

What it does

Generates cryptographically strong random passwords using crypto.getRandomValues().

How to use

  • Set length, toggle character sets ā†’ click Generate
  • 5 passwords are generated at once for easy picking

Real-World Use Cases

  • Creating strong database passwords
  • Generating API keys / access tokens
  • Setting up admin accounts for new services

šŸ” HMAC Generator

Secret Key
Algorithm
HMAC will appear here…
Usage Guide

What it does

Computes a Hash-based Message Authentication Code (HMAC) using a secret key. Verifies both data integrity and authenticity.

How to use

  • Enter a secret key and message
  • Select the algorithm ā†’ click Compute HMAC

Real-World Use Cases

  • Webhook signature verification (GitHub, Stripe, Twilio)
  • API request signing (AWS Signature V4)
  • Message authentication in distributed systems

šŸ—ļø RSA Key Pair Generator

Key Size
Key pair will appear here…
Usage Guide

What it does

Generates an RSA public/private key pair in PEM format using the Web Crypto API. Keys are generated entirely in your browser.

How to use

  • Select key size (2048 or 4096 bit) ā†’ click Generate
  • Copy the public and private keys for your use

Real-World Use Cases

  • Setting up SSH key authentication
  • Creating JWT signing keys (RS256)
  • Generating TLS certificate keys for development

šŸ’Ŗ Password Strength Checker

Strength analysis will appear here…
Usage Guide

What it does

Analyzes password strength by checking length, character diversity, common patterns, and calculates entropy bits. Your password never leaves your browser.

How to use

  • Type a password ā†’ click Check Strength

Scoring Criteria

  • Length (8+ minimum, 16+ ideal)
  • Character types (upper, lower, digits, symbols)
  • Common patterns (123, qwerty, password)
  • Entropy calculation (bits of randomness)

Real-World Use Cases

  • Validating password policies before deployment
  • Testing if generated passwords meet security requirements
  • Educational demonstrations of password security

ā±ļø TOTP Code Generator

Base32 Secret
Time Step (sec)
Digits
TOTP code will appear here…
Usage Guide

What it does

Generates a Time-based One-Time Password (TOTP) from a Base32-encoded shared secret ā€” compatible with Google Authenticator, Authy, and Microsoft Authenticator.

How to use

  • Paste your Base32 secret (from a 2FA setup page)
  • Set time step (usually 30s) and digits (usually 6)
  • Click Generate to see the current code and time remaining

Sample Secret

JBSWY3DPEHPK3PXP

Real-World Use Cases

  • Testing 2FA setup during app development
  • Verifying TOTP implementation against reference
  • Emergency code generation when authenticator app unavailable

šŸ“œ PEM / Certificate Decoder

Decoded certificate info will appear here…
Usage Guide

What it does

Decodes PEM-encoded certificates, public keys, and private keys ā€” shows the type, size, and base64 content structure.

How to use

  • Paste a PEM block (including the BEGIN/END markers) ā†’ click Decode

Real-World Use Cases

  • Inspecting TLS/SSL certificates from servers
  • Verifying certificate chains during deployment
  • Debugging mutual TLS (mTLS) authentication

šŸŽ² Random Bytes Generator

Number of Bytes
Format
Random bytes will appear here…
Usage Guide

What it does

Generates cryptographically secure random bytes using crypto.getRandomValues() in hex, Base64, or decimal format.

How to use

  • Set byte count (1ā€“256) and output format ā†’ click Generate

Sample Output (32 bytes, hex)

a3f2b1c4d5e6f7890123456789abcdef
fedcba9876543210abcdef1234567890

Real-World Use Cases

  • Generating encryption keys / initialization vectors (IVs)
  • Creating nonces for cryptographic protocols
  • Generating secure session tokens