25 free browser-based tools for developers and security engineers. No signup, no install, no data sent to servers — everything runs locally in your browser.
Generate cryptographically strong passwords with custom length, character sets, strength scoring and bulk generation.
Open Tool →Prettify, validate, minify, and explore JSON with full syntax highlighting, structure stats, and copy support.
Open Tool →Convert Markdown to HTML with live preview. Copy the HTML output or export directly to PDF in the browser.
Open Tool →Generate MD5, SHA-1, SHA-256, SHA-384, and SHA-512 hashes from text input or uploaded files instantly.
Open Tool →Encode and decode Base64 strings. Supports URL-safe mode, file-to-Base64, and Base64-to-file download.
Open Tool →Test regular expressions with match highlighting, capture groups, and a built-in security pattern library.
Open Tool →Decode JWT tokens, inspect all claims, and detect security issues — expired tokens, weak algorithms, missing claims.
Open Tool →Scan Dockerfiles for security misconfigurations: root users, exposed secrets, dangerous RUN patterns, and more.
Open Tool →Paste HTTP response headers and get an instant security grade with per-header analysis and fix guidance.
Open Tool →Analyse CORS configuration headers for misconfigurations, wildcard origins, and credential exposure risks.
Open Tool →Paste code or config files to detect leaked API keys, tokens, private keys, and credentials via pattern matching.
Open Tool →Visual Content Security Policy header builder with directive reference, source inputs, and live header preview.
Open Tool →Search the NIST NVD database for CVEs by keyword, CVE ID, or product name. Real-time data, CVSS scores included.
Open Tool →Paste package.json or requirements.txt to check all dependencies for known vulnerabilities via the OSV database.
Open Tool →Interactive OWASP Top 10 2021 self-assessment with per-category scoring, guidance, and a printable report.
Open Tool →Calculate your real AppSec spend — FP triage costs, team overhead, breach exposure — and see your AquilaX ROI.
Open Tool →20-question assessment across 5 dimensions: tooling, secrets, culture, incident response, and compliance.
Open Tool →Estimate how much developer time and money your current scanner wastes on false positives — and your savings with AI triage.
Open Tool →Drag-and-drop DevSecOps pipeline builder. Export your pipeline as a PNG or generate a LinkedIn-ready diagram.
Open Tool →Explore vulnerable vs. fixed code for all OWASP Top 10 2021 categories in JavaScript, Python, and Java.
Open Tool →Interactive ASVS 4.0 checklist for Level 1, 2, and 3 controls. Track compliance and export your verification report.
Open Tool →Paste Set-Cookie headers to check for missing HttpOnly, Secure, SameSite attributes, and excessive lifetimes.
Open Tool →Score vulnerability risk using OWASP's Likelihood × Impact methodology. Get Note, Low, Medium, High, or Critical ratings.
Open Tool →Systematically identify and document Spoofing, Tampering, Repudiation, Info Disclosure, DoS, and Privilege Escalation threats.
Open Tool →OWASP API Security Top 10 (2023) interactive checklist covering BOLA, broken auth, rate limiting, SSRF, and more.
Open Tool →AquilaX runs 32 parallel security scanners on your real codebase — automatically, on every commit. No configuration. 93.54% fewer false positives. AI-generated fix patches included.