Security Tools
Free security tools online. CSP generator, CORS headers, password strength tester, HTTP status codes—all client-side.
CSP Generator
Build a Content Security Policy visually and get warnings about unsafe directives.
CORS Generator
Assemble Access-Control headers by choosing origins, methods, and options.
Password Tester
Check password strength with entropy, estimated crack time, and dictionary checks — entirely in your browser.
HTTP Status Codes
A quick reference to every HTTP status code, explained with examples.
X-Frame-Options
Understand X-Frame-Options and how DENY and SAMEORIGIN help prevent clickjacking.
Security Headers
A cheat sheet of HTTP security headers, each explained with examples.
OWASP Top 10
An interactive checklist for tracking OWASP Top 10 (2021) coverage, with examples.
Misconfig Detector
Scan headers and config files for common security misconfigurations.
Headers Checklist
Secure headers implementation checklist. Framework-specific snippets for NGINX, Apache, Node. Security headers setup guide.
Password Storage
Password storage best practices generator. Algorithm recommendations, salt, pepper, cost factors. Secure password hashing guide.
Threat Model
Run a quick STRIDE-style threat model with risk levels for your web app.