Application Security
Application Security Tools
OWASP Top 10 references, password entropy calculators, JWT security checkers, threat model calculators, and AppSec utilities that run entirely in your browser.
🔒 Browser-only — no data sent
⚡ Zero account required
📦 17 free tools
cryptography
Password Entropy Calculator→
Calculate password entropy and estimated crack time for different storage hash types.
reference
OWASP Top 10 Reference→
Searchable reference for OWASP Top 10 2021 — attack types, examples, and mitigations.
authentication
JWT Security Checker→
Decode and check a JWT for security vulnerabilities — algorithm none, expired, and missing validation.
threat modeling
Threat Model Calculator→
Calculate STRIDE threat categories and OWASP risk ratings for a system component.
web security
Content Security Policy Validator→
Validate and explain Content-Security-Policy header directives and security implications.
cryptography
Cryptographic Hash Reference→
Reference guide to cryptographic hash functions — security status, use cases, and algorithm selection.
authentication
Session Token Entropy Calculator→
Calculate entropy of session tokens and verify compliance with OWASP minimum recommendations.
authentication
OAuth 2.0 Flow Reference→
Reference guide to OAuth 2.0 grant types — Authorization Code, PKCE, Client Credentials, and security considerations.
injection
SQL Injection Pattern Reference→
Reference guide to SQL injection techniques, blind injection, and parameterized query defenses.
cryptography
TLS Configuration Reference→
Reference guide to TLS versions, cipher suites, PFS, certificates, and HSTS configuration.
supply chain
Dependency Vulnerability Age Calculator→
Calculate exposure window from CVE publication date to patch application.
web security
Security Header Checker→
Validate HTTP security response headers — HSTS, CSP, X-Frame-Options, COOP, and more.
general
Credential Rotation Gap Calculator→
Estimate the backlog created when actual credential rotation lags written policy because each rotation wave carries r...
general
Feature Flag Strategy Selector→
Pick a feature flag strategy from blast radius, rollback urgency, audit requirement, and dependency complexity. Brows...
general
MFA Adoption Benchmark→
Place your organization's MFA adoption rate on the Okta Businesses at Work distribution. Inputs: adoption percentage,...
general
Secrets Exposure Risk Calculator→
Quantify credential exposure risk from secret count, rotation age, and access breadth. Browser-only — inputs never le...
general
Secrets Storage Selector→
Pick the right secret storage backend from sensitivity level, access pattern, compliance regime, and rotation cadence...