Decode header and payload without signature verification.
SecurityCategories
Security
Generate or inspect passwords, PINs, UUIDs, tokens, hashes and JWTs locally.
Inspect URL parametersSee duplicate keys, UTM fields and encoded values as a table plus JSON.Structure FAQ/HowTo answersUse question-answer logic, tool FAQs and JSON-LD deliberately instead of keyword padding.Make payloads readableCheck JSON, Base64, URL encoding and regex in sequence without server contact.Debug JSON.parse errorsCheck trailing commas, wrong quotes, comments and broken numbers with context around the fault.Clean campaign URLsCheck target URL, UTM values, slug and redirect plan before publishing.
Generate UUIDs locally in the browser.
SecurityGenerate SHA-256 hashes in the browser.
SecurityGenerate strong local passwords with chosen length.
SecurityGenerate numeric PINs for test and dummy cases.
SecurityGenerate simple technical random tokens.
SecurityScore length, variety, repetition and rough entropy locally.
SecurityGenerate an HMAC with local browser crypto.
SecurityGenerate SHA-1 for compatibility and checking cases only.
SecurityGenerate SHA-512 hashes in the browser.
SecurityDecode JWT claims and mark expiry times without signature verification.
SecurityGenerate locally sortable UUID-v7-style test IDs.
SecurityGenerate numeric one-time codes for demos and tests.
SecurityBuild an Authorization header from username and password.
SecurityRemove header prefixes and show the raw token.
SecurityMask common API key, token and password patterns in text.
SecurityEstimate character variety and rough bits for an input.
SecurityBuild a conservative Content-Security-Policy starting point.
SecurityGenerate a SHA-384 integrity string for small local content.
Security