A growing arsenal of free utilities for security researchers, developers, and IT teams. No signup required.
Scan any domain for exposed services, open ports, and known CVEs.
Check password entropy and crack-time estimates instantly.
Search 268B+ records to see if your email has been leaked.
Inspect certificate chain, ciphers, and protocol weaknesses.
Resolve records, check SPF/DKIM/DMARC, and detect misconfigurations.
Grade HTTP security headers (CSP, HSTS, X-Frame-Options).
Decode and verify JSON Web Tokens — algorithm and claims.
Enumerate subdomains via passive DNS and certificate transparency.