Security research, tools, and perspectives from real-world vulnerability analysis.
Decode JWT tokens and spot security misconfigurations — alg:none, missing expiration, weak secrets. Free client-side tool.
jwt security claims token inspection auth bypassStep-by-step guide to identifying hash types by format, length, and prefix. Covers MD5, SHA-1, SHA-256, bcrypt, Argon2, NTLM, and 40+ hash types.
hash identifier md5 sha256 hash type detectionStep-by-step guide to auditing website security from your browser without installing any tools. Check SSL, headers, WAF, and more.
website security audit ssl check onlineStep-by-step guide to verify your domain email authentication: SPF, DKIM, DMARC and BIMI. Learn to interpret results and fix common issues.
email security check spf dmarc lookupHow AI-powered code analysis is discovering critical 0-days that went undetected for years — and why continuous code review is the new security standard.
ai code security review 0-day detectionMost free online security scanners send your URLs and vulnerability data to third-party servers. Here is what they are not telling you.
free security tools privacy client-side analysis