Security tools
Passwords, TLS certificates and the things that keep you off incident calls.
Breach-Safe Email Checker
Size up an email address in your browser, score the risk, check the domain records, hash it locally and get a clear action plan.
Runs in your browser
CORS Policy Generator
Build a secure CORS policy and copy ready config for Nginx, Apache, Express, FastAPI, Django and 10 more stacks, with a live security review.
Runs in your browser
CSP Header Builder
Build, import and risk-check a Content Security Policy header in your browser, then copy snippets for Apache, Nginx, Netlify and Vercel.
Runs in your browser
Cyber Audit Suite for WordPress
Paste a WordPress URL and fire 10 security checks at once, then read one posture score, sorted findings and an action plan ordered by impact.
Domain Health Check
Audit a domain in one button: DNS, WHOIS, SSL expiry, HTTP status, robots.txt and sitemap, with a fix for each gap.
Hash Generator
Generate MD5, SHA-1, SHA-256, SHA-384, SHA-512 and HMAC, then compare a checksum, all in your browser.
Runs in your browser
htpasswd Generator
Build .htpasswd lines for Apache and nginx in your browser, with apr1 and SHA-512 crypt, random salts and copy-ready snippets.
Runs in your browser
NetSecAI Cyber Audit Findings Interpreter
Paste the JSON from any cyber audit and NetSecAI turns each finding into a severity, a plain-English why and the exact config line to fix it.
Password Strength Checker
Score a password in your browser with entropy, crack-time, a weak-pattern scan, passphrase ideas and a hardening checklist.
Runs in your browser
Phishing URL Checklist
Paste a suspicious link, read the real hostname and root-domain clues, decode nested redirects, score the phishing signals and plan safe actions.
Runs in your browser
SecuChecker WordPress Security Scanner
Free WordPress security scan that pokes at the gaps behind most real break-ins, then hands back a posture score and a fix list ranked by severity.
SecurityWatch Multi-Site Monitor
Watch a list of sites five ways at once: uptime, homepage tamper, TLS expiry, missing security headers and WordPress drift, with an optional webhook.
SSL Certificate Checker
Read the live TLS certificate a host serves: expiry, issuer, subject, SAN coverage and your expected hostnames.
SSL Certificate Renewal Manager
Build SSL/TLS renewal and auto-renew commands for certbot, acme.sh, lego, Caddy, win-acme and more, with HTTP-01, DNS-01 and an expiry calculator.
Runs in your browser
SSL Expiry Monitor
Paste a list of hosts and check their SSL certs in one watchlist that sorts by days left, with a renewal plan and CSV report.
TLS Version and Cipher Selector
Pick TLS versions and cipher suites by security profile, audience and compliance, then copy a ready config for nginx, Apache, Caddy, HAProxy or IIS.
Runs in your browser
Password Generator
Strong random passwords and passphrases, generated locally.
Runs in your browser
Reading in this category
AI in Cybersecurity 2026: Real vs Hype, Both Sides
AI in cybersecurity in 2026: what it really does for defenders (triage, summarization, code review), what attackers do with it, and the dual-use problem.
Bug Bounty Starter Guide for Sysadmins
A bug bounty starter guide for sysadmins: how your DNS, HTTP and Linux skills transfer, the five free tools I open, and the report shape that gets paid.
Linux Kernel Hardening: sysctl Checklist
Linux kernel hardening with sysctl: the 32 toggles I actually ship, grouped by subsystem and sorted by how much each one matters, plus a drift check.
Sécuriser Ubuntu 24.04 : la checklist du SysAdmin
Sécuriser un serveur Linux Ubuntu 24.04, la passe que je fais sur chaque VPS : SSH en clés uniquement sur un port discret, UFW, fail2ban, MAJ auto, AppArmor, auditd.
Ubuntu 24.04 Server Hardening: SysAdmin Checklist
Ubuntu 24.04 server hardening, the way I run it on every VPS: keys-only SSH on a quiet port, UFW, fail2ban, unattended updates, AppArmor enforcing, auditd.
SOC Homelab with Wazuh, Suricata and ELK
Build a SOC homelab with Wazuh, Suricata and the Elastic Stack on a spare VM: the single-node installer, agent enrolment, and test attacks you can fire yourself.
Vaultwarden Self-Host Guide: Bitwarden in 20 Minutes
Vaultwarden self-host guide: docker compose plus Caddy with automatic TLS, your first admin signup, then fail2ban, restic backups, and locking down the admin route.
Wazuh SIEM on a Budget: Pi, N100 or Cloud
Wazuh SIEM on a budget, three paths I actually run: a Raspberry Pi 5 under 100 EUR, an Intel N100 mini-PC, or a Hetzner CAX21 ARM node under 10 EUR a month.
Web App Security Audit 2026: A Practical Method
The web app security audit I actually run in 2026, in four layers: transport, app code, supply chain, secrets, with the tools and a 25-point checklist.
WordPress Security Audit in 10 Steps (2026)
A WordPress security audit you run in about 90 minutes: PHP and WP versions, plugin CVEs, HTTP headers, htaccess, TLS, 2FA, xmlrpc, user enumeration, logs and backups.
IA en cybersécurité 2026 : le vrai du faux, des deux côtés
L'IA en cybersécurité en 2026 : ce qu'elle fait vraiment pour les défenseurs (tri, résumé, revue de code), ce que les attaquants en font, et le problème du double usage.
Bug bounty pour sysadmins : guide de démarrage
Guide de démarrage bug bounty pour sysadmins : comment tes réflexes DNS, HTTP et Linux se transfèrent, les cinq outils gratuits, et le report qui se fait payer.
Durcissement du noyau Linux : checklist sysctl
Durcissement du noyau Linux avec sysctl : les 32 réglages que je déploie vraiment, regroupés par sous-système et triés par importance, avec une détection de dérive.
Homelab SOC avec Wazuh, Suricata et ELK
Monter un homelab SOC avec Wazuh, Suricata et l'Elastic Stack sur une VM de récup : l'installeur single-node, l'enrôlement des agents et des attaques de test.
Auto-héberger Vaultwarden : Bitwarden en 20 minutes
Auto-héberger Vaultwarden : docker compose plus Caddy avec TLS auto, première inscription admin, puis fail2ban, sauvegardes restic et route admin verrouillée.
Wazuh SIEM à petit budget : Pi, N100 ou cloud
Wazuh SIEM à petit budget, trois chemins que je fais tourner : un Raspberry Pi 5 sous 100 EUR, un mini-PC Intel N100, ou un nœud ARM Hetzner sous 10 EUR par mois.
Audit de sécurité d'appli web 2026 : la méthode
L'audit de sécurité d'appli web que j'applique en 2026, en quatre couches : transport, code applicatif, supply chain et secrets, avec les outils et une checklist.
Audit de sécurité WordPress en 10 étapes (2026)
L'audit de sécurité WordPress en 90 minutes : versions PHP et WP, CVE de plugins, headers HTTP, htaccess, TLS, 2FA, xmlrpc, énumération des comptes, logs et backups.