Paste any text — extracts IPs, domains, URLs, file hashes, CVEs and emails instantly.

Convert IOCs between defanged (hxxp://evil[.]com) and active formats for safe sharing.

Parse raw email headers to trace routing, spot spoofing, and read SPF/DKIM/DMARC results.

Search 56 MITRE ATT&CK techniques and tactics by ID or keyword — with direct links.

Pretty-print, validate and explore JSON logs and SIEM API responses.

Generate reverse shell one-liners for Linux and Windows across all common methods.

35+ XSS payloads: basic, filter bypass, event handler, DOM, template injection, polyglot.

Compose Google dork queries with operators. Presets for file leaks, panels, creds, and dirs.

Decode and inspect JSON Web Tokens — header, payload, signature.

Percent-encode or decode URL components for web testing.

Compute MD5, SHA-1, SHA-256, SHA-512 hashes for any input.

Encode or decode text and binary data using Base64.

Convert text to hexadecimal and back — useful for payloads and escaping.

Encrypt or decrypt text with a Caesar shift cipher. ROT13 built in.

Convert integers between binary, octal, decimal and hex. Shows ASCII too.

Calculate network address, broadcast, host range and mask from CIDR.

Resolve A, AAAA, MX, TXT, NS, CNAME, SOA and PTR records via Cloudflare DoH.

Country, city, ASN and timezone lookup for any IP address.

Searchable reference of 60+ common ports (with risk) and all HTTP status codes.

Live regex matching with match highlighting and named capture groups.

Line-by-line diff of two texts — config comparison, log analysis, response diffing.

Parse cron expressions, validate fields, and preview next 6 scheduled run times.

Convert UNIX timestamps to human-readable dates and vice versa.

Check the strength and breach status of your passwords.

Generate strong, random passwords with custom rules.