tools.fdrian.me
A compact set of browser-based utilities for recon, encoding, headers, redirects, and content inspection.Base64 Debugger
Encode and decode text in Base64 for payload review, storage formats, and quick transformations.
JWT Debugger
Inspect token headers and payloads, validate signatures, and test JWT workflows in one place.
URL Debugger
Encode or decode percent-encoded values for query strings, paths, and request payload debugging.
Open Redirect Tester
Try common payloads against redirect parameters and inspect which requests are unsafe.
Domain Extractor
Pull unique domains from pasted text or fetched content to accelerate recon and cleanup work.
JavaScript Secrets Finder
Scan JavaScript for tokens, keys, secrets, and other high-signal strings during source review.
HTTP Headers Analyzer
Review response headers, highlight security gaps, and inspect common hardening controls.
Subdomain Takeover Checker
Check whether hostnames point to unclaimed providers and surface likely takeover conditions.
CORS Analyzer
Detect CORS misconfigurations — wildcard origins, credential leaks, origin reflection, and null-origin bypasses.