Fifteen tools. Zero signups.
Every inline security tool you wish existed in one place. Nothing is stored. Nothing is tracked. Paste, run, copy the fix.
Header Doctor
Security headers graded + specific fixes.
Paste any public URL. Get a per-header verdict, a score, and drop-in nginx/apache/express snippets for every gap.
TLS X-Ray
Full TLS chain + protocol + cipher analysis.
Inspect live certificates: chain, SANs, key strength, expiry, negotiated protocol and cipher. No API keys, no third-party dependencies.
Prompt Injection Sandbox
Stress-test your system prompt against 40+ payloads.
Paste your AI agent's system prompt. We run it against a curated library of known prompt-injection and jailbreak patterns and highlight likely bypasses.
CVE Time Machine
A library's full CVE history, visualized.
Coming soon.
Password Entropy Lab
Rainbow-table-grade entropy visualization.
Coming soon.
JWT Forensics
Decode + vulnerability scan + signature demo.
Coming soon.
Docker Hardening Grader
Paste Dockerfile → score + auto-fix.
Coming soon.
K8s Policy Auditor
OPA-powered manifest audit.
Coming soon.
Nginx Config Scanner
Misconfig detector with explanations.
Coming soon.
Secret Pattern Scanner
Find hardcoded credentials in pasted code.
Coming soon.
GitHub Actions Auditor
Workflow security grade.
Coming soon.
DNS Takeover Scanner
Subdomain hijack risk map.
Coming soon.
NIS2/EUVD Gap Scanner
Compliance checklist + evidence.
Coming soon.
Runbook Generator
Incident description → full Markdown runbook.
Coming soon.
AI Jailbreak Tester
EU AI Act bias + robustness testing.
Coming soon.