tools.fdrian.me

A compact set of browser-based utilities grouped by purpose — encoding, HTTP inspection, and recon.
category

encoding

Base64 Debugger

Encode and decode text in Base64 for payload review, storage formats, and quick transformations.

JWT Debugger

Inspect token headers and payloads, validate signatures, and test JWT workflows in one place.

URL Debugger

Encode or decode percent-encoded values for query strings, paths, and request payload debugging.
category

http

HTTP Headers Analyzer

Review response headers, highlight security gaps, and inspect common hardening controls.

CORS Analyzer

Detect CORS misconfigurations — wildcard origins, credential leaks, origin reflection, and null-origin bypasses.

Open Redirect Tester

Try common payloads against redirect parameters and inspect which requests are unsafe.
category

recon

Domain Extractor

Pull unique domains from pasted text or fetched content to accelerate recon and cleanup work.

Subdomain Takeover Checker

Check whether hostnames point to unclaimed providers and surface likely takeover conditions.

JavaScript Secrets Finder

Scan JavaScript for tokens, keys, secrets, and other high-signal strings during source review.