StartToolsPatternsNotesAboutContact
SECURITY LAB

All the tools.

Engineering assessments for complex decisions. Free utilities for everyday security work. All run in your browser.

Security Engineering Tools
Scoring and planning tools.
Four tools for working through vulnerability prioritization, identity posture, AI workflow risk, and security architecture. Each gives you a score and a place to start the conversation.
Flagship · Identity Security
Identity Risk Mapper

Score your Microsoft 365 and Entra ID identity controls across MFA, Conditional Access, PIM, legacy auth, admin hygiene, and monitoring. Output: scored posture + action plan.

Launch →
Vulnerability Management
Vulnerability Prioritization Engine

Go beyond CVSS. Prioritize remediation based on internet exposure, exploit availability, sensitive data, privilege level, and business impact.

Launch →
AI Governance
AI Workflow Risk Reviewer

Describe any AI-enabled workflow in plain text. Get a risk score, detected data exposure signals, governance gaps, and recommended controls.

Launch →
Architecture · Cloud Security
Security Architecture Generator

Fill in the org profile and get a security architecture with platform-specific recommendations and a 30-day priority list. Good for initial planning conversations.

Launch →
Security Utilities
22 free tools.
Browser-based utilities for DNS lookups, subdomain discovery, JWT decoding, CVE intelligence, hash generation, and more. No accounts. No tracking. No data leaves your browser.
Exposure & Hardening
Domain Security Scanner
DNS health, HTTPS, HSTS, security headers, and open ports.
Open tool →
Security Headers Checker
MDN Observatory v2 scan with A–F grade.
Open tool →
CSP Analyzer
Paste a Content-Security-Policy and get a scored breakdown.
Open tool →
Security Headers Builder
Build HSTS, CSP, and other headers. Export Cloudflare, nginx, or Apache config.
Open tool →
SSL Certificate History
Full TLS certificate transparency history via crt.sh.
Open tool →
Recon & Discovery
Subdomain Discovery
Search CT logs for every subdomain ever issued a TLS cert.
Open tool →
DNS Record Inspector
Full DNS lookup: A, AAAA, MX, TXT (SPF/DKIM/DMARC), NS, CAA, SOA.
Open tool →
WHOIS / RDAP Lookup
Registration dates, registrar, and nameservers via RDAP.
Open tool →
Typosquat Generator
Generate look-alike domain variants for brand protection.
Open tool →
IP Intelligence
Geolocation, ASN, open ports, CVEs from Shodan and ipapi.co.
Open tool →
Investigation & Analysis
Email Header Analyzer
Parse routing path, SPF/DKIM/DMARC results, and delivery delays.
Open tool →
URL Inspector
Decode multi-layer encoding, detect phishing indicators.
Open tool →
URL Threat Feed
Check URLs against URLhaus malware database by abuse.ch.
Open tool →
JWT Decoder
Decode and validate JWTs. Inspect header, payload, algorithm.
Open tool →
Entropy Analyzer
Shannon entropy score to detect encoded or encrypted payloads.
Open tool →
Threat Intelligence
CVE Intelligence
CVSS score, EPSS probability, and CISA KEV status for any CVE.
Open tool →
MITRE ATT&CK Search
Search 35+ techniques by name, ID, or tactic.
Open tool →
Regex ReDoS Tester
Detect catastrophic backtracking via static analysis and timing.
Open tool →
Credential & Crypto
Password Breach Checker
k-Anonymity check against HaveIBeenPwned.
Open tool →
Password Generator
Cryptographically secure passwords, configurable and bulk.
Open tool →
Hash & Encode
SHA-256, SHA-512, Base64, URL encoding. All in-browser.
Open tool →
PEM Certificate Decoder
Decode X.509 PEM certificates client-side.
Open tool →