One toolkit for incident triage

Security toolkit

Everything you need to triage an alert — analyse an email header, look up an IP or domain, check WHOIS, scan a link, decode a JWT, test a password and more. Free, in your browser, nothing stored by us.

⭐ Go Pro — bulk CVE risk-triage (CISA KEV + EPSS) & IP/domain enrichment, and help keep the site free. ₹50 / 6 months →

✉️ Email header analyzer

Paste full raw email headers ("Show original" / "View source"). Extracts the sender path, auth results (SPF/DKIM/DMARC) and the originating IP.

🤖 Phishing link checker

Scan a suspicious link for common phishing red flags. Heuristic only — never log in via an unverified link.

⚠️ Defang / refang IOCs

Make indicators safe to share (hxxp, [.]) or restore them. Works on URLs, IPs and emails.

🌎 IP lookup

Geolocation, ASN, ISP and network type for an IPv4/IPv6 address.

🔗 DNS / domain lookup

A, AAAA, MX, NS and TXT records plus SPF/DMARC checks (Google DNS-over-HTTPS).

📄 WHOIS / domain age

Registrar, creation/expiry, status and nameservers via RDAP. Young domains are a phishing signal.

📡 CIDR / subnet calculator

Network, broadcast, mask, host range and count for an IPv4 CIDR block.

🔐 Have I been breached?

Check whether an email appears in known public breaches. Only the address is sent to the lookup service; we never store it.

🔒 Password strength

See how strong a password is and roughly how long it would take to crack. Don't paste a password you actually use.

-

🎲 Password generator

Create a random, hard-to-crack password and copy it to your password manager.

Click generate...

🔑 JWT decoder

Decode the header & payload of a JSON Web Token. Signature is not verified.

📝 Encoder & hasher

Encode/decode Base64 and generate a SHA-256 hash — handy for CTFs, logs and integrity checks.

Result appears here...

🕐 Epoch ↔ time

Convert a Unix timestamp (seconds or milliseconds) to readable UTC, local and ISO time.

All tools run in your browser. IP, DNS and WHOIS lookups call free public services (ipwho.is, Google DNS, RDAP) directly from your device. Use only on assets you're authorised to investigate. Heuristic checks (phishing, password) are guides, not guarantees.