# Peasy Safe > Security tools made easy. Peasy Safe provides free browser-based tools at https://peasysafe.com/. All processing happens client-side — files never leave your device. ## Tools (15) - [Password Generator](https://peasysafe.com/safe/safe-password-generator/) — Generate strong, random passwords - [Password Strength Checker](https://peasysafe.com/safe/password-strength/) — Analyze password strength and vulnerability - [Hash Generator](https://peasysafe.com/safe/safe-hash-generator/) — Generate SHA and other cryptographic hashes - [HMAC Generator](https://peasysafe.com/safe/hmac-generator/) — Generate keyed-hash message authentication codes - [AES Encrypt / Decrypt](https://peasysafe.com/safe/aes-encrypt/) — Encrypt and decrypt text with AES-256-GCM - [Random String Generator](https://peasysafe.com/safe/random-string/) — Generate cryptographically secure random strings - [CSP Header Generator](https://peasysafe.com/safe/csp-generator/) — Build Content Security Policy headers - [Text Redactor](https://peasysafe.com/safe/text-redactor/) — Redact sensitive information from text - [CORS Header Generator](https://peasysafe.com/safe/cors-generator/) — Build Cross-Origin Resource Sharing configurations - [SRI Hash Generator](https://peasysafe.com/safe/sri-generator/) — Generate Subresource Integrity hashes - [Base64 Encoder / Decoder](https://peasysafe.com/safe/base64-encoder-decoder/) — Encode and decode Base64 with URL-safe variants - [JWT Decoder](https://peasysafe.com/safe/jwt-decoder/) — Decode and inspect JSON Web Tokens - [UUID Generator](https://peasysafe.com/safe/uuid-generator/) — Generate and validate UUIDs (v4 random) - [TOTP Configurator](https://peasysafe.com/safe/totp-configurator/) — - [SSL Certificate Decoder](https://peasysafe.com/safe/ssl-certificate-decoder/) — ## Guides (61) - [How to Check if Your Password Has Been Compromised](https://peasysafe.com/guides/check-password-compromised/) — Data breaches expose millions of passwords regularly. Learn how to check whether your credentials have been leaked without risking further … - [How to Generate Strong Random Passwords](https://peasysafe.com/guides/generate-strong-random-passwords/) — Password generation requires cryptographic randomness and careful character selection. This guide covers the principles behind strong password generation, entropy calculation, … - [Password Strength Analysis: How Strong Is Your Password Really?](https://peasysafe.com/guides/password-strength-analysis-guide/) — Learn the science behind password strength meters and entropy calculations. Understand what makes a password truly secure, how attackers crack … - [Two-Factor Authentication Methods Compared: TOTP, SMS, and Hardware Keys](https://peasysafe.com/guides/two-factor-authentication-methods-compared/) — Compare the security, convenience, and cost of major 2FA methods including authenticator apps, SMS codes, hardware security keys, and biometrics. … - [Encryption Algorithms Compared: AES, ChaCha20, and RSA Explained](https://peasysafe.com/guides/encryption-algorithms-compared-aes-chacha20-rsa/) — Understand the differences between symmetric and asymmetric encryption, when to use AES-256 vs ChaCha20-Poly1305, and how RSA fits into modern … - [Password Strength and Generation: A Security Guide](https://peasysafe.com/guides/password-strength-generation-guide/) — Weak passwords remain the leading cause of account breaches. This guide covers password entropy calculation, generation strategies, and storage best … - [Environment Variable Management: Security and Best Practices](https://peasysafe.com/guides/environment-variable-management-guide/) — Environment variables separate configuration from code, keeping secrets out of version control. Mismanaging them leads to leaked API keys, broken … - [Password Managers Compared: Features That Matter](https://peasysafe.com/guides/password-managers-compared/) — A password manager is the single most impactful security tool for most people. This comparison covers the key features to … - [How to Strip EXIF Metadata From Photos for Privacy](https://peasysafe.com/guides/strip-exif-metadata-privacy/) — Photos contain hidden metadata including GPS coordinates, device info, and timestamps. Before sharing photos online, learn how to remove this … - [How to Create QR Codes for Wi-Fi Networks](https://peasysafe.com/guides/create-wifi-qr-codes/) — Wi-Fi QR codes let guests connect to your network instantly by scanning with their phone camera. This guide covers the … - [Encryption Best Practices for Personal Data](https://peasysafe.com/guides/encryption-best-practices-personal/) — Encryption protects your data from unauthorized access, whether stored on your devices or transmitted over the internet. This guide covers … - [Troubleshooting Random Number Generation Issues](https://peasysafe.com/guides/troubleshooting-random-number-generation/) — Incorrect random number generation causes security vulnerabilities, biased results, and non-reproducible tests. This guide covers common RNG pitfalls and how … - [Two-Factor Authentication Methods: TOTP, WebAuthn, and SMS](https://peasysafe.com/guides/two-factor-authentication-methods/) — Two-factor authentication (2FA) adds a critical layer of security beyond passwords. This guide compares TOTP apps, hardware security keys, SMS … - [Hash Functions Compared: MD5, SHA-1, SHA-256, and Beyond](https://peasysafe.com/guides/hash-functions-compared/) — Hash functions are used for file integrity, password storage, and digital signatures. This comparison covers the most common algorithms, their … - [How to Check If Your Email Has Been Breached](https://peasysafe.com/guides/how-to-check-email-breach/) — Data breaches expose billions of email addresses and passwords. Learn how to check if your accounts are compromised and what … - [How to Generate Secure Passphrases](https://peasysafe.com/guides/how-to-generate-secure-passphrases/) — Passphrases are easier to remember than random passwords while being equally secure. Learn how to generate strong, memorable passphrases. - [VPN vs Tor vs Proxy: Privacy Tools Compared](https://peasysafe.com/guides/vpn-vs-tor-vs-proxy-comparison/) — VPNs, Tor, and proxies all hide your IP address but differ in security, speed, and privacy guarantees. Compare them for … - [QR Code Security and Phishing Prevention](https://peasysafe.com/guides/qr-code-security-phishing-prevention/) — Protect against QR code phishing attacks and implement secure QR code practices for businesses and consumers. - [Data Privacy Best Practices for Online Tools](https://peasysafe.com/guides/data-privacy-best-practices-online-tools/) — Using online tools means trusting them with your data. Learn how to evaluate tool privacy and protect sensitive information. - [How to Password-Protect a PDF](https://peasysafe.com/guides/how-to-password-protect-pdf/) — Learn how to encrypt PDFs with passwords to control who can open, edit, print, or copy content from your documents. - [How to Audit Your Digital Privacy Settings](https://peasysafe.com/guides/how-to-audit-digital-privacy-settings/) — Review and tighten privacy settings across browsers, social media, mobile devices, and cloud services. - [Secure File Sharing Best Practices](https://peasysafe.com/guides/secure-file-sharing-best-practices/) — Share sensitive files securely using encryption, expiring links, password protection, and access controls. - [Cookie Consent and GDPR Compliance for Websites](https://peasysafe.com/guides/cookie-consent-gdpr-compliance-websites/) — Implement compliant cookie consent banners and data privacy practices for GDPR, CCPA, and global regulations. - [SHA-256 vs SHA-3 vs BLAKE3: Hash Function Comparison](https://peasysafe.com/guides/sha256-vs-sha3-vs-blake3/) — Hash functions are fundamental to security and data integrity. Compare the performance, security, and use cases of modern hash algorithms. - [Browser Privacy Settings: A Comprehensive Configuration Guide](https://peasysafe.com/guides/browser-privacy-settings-comprehensive/) — Modern browsers offer extensive privacy controls that most users never configure. Learn which settings to enable, which extensions to install, … - [Browser Security Features You Should Know](https://peasysafe.com/guides/browser-security-features-you-should-know/) — Understand built-in browser security features including sandboxing, HTTPS indicators, and permission controls. - [EXIF Data Privacy: What Your Photos Reveal](https://peasysafe.com/guides/exif-data-privacy-what-photos-reveal/) — Understand what metadata your camera stores in photos and how to strip it before sharing for privacy protection. - [Understanding End-to-End Encryption](https://peasysafe.com/guides/understanding-end-to-end-encryption/) — End-to-end encryption ensures that only the sender and recipient can read messages. Learn how it works, what it protects against, … - [Hash Generator Selection Guide](https://peasysafe.com/guides/hash-generator-selection-guide/) — Choose the right hash algorithm for checksums, passwords, content addressing, and data integrity verification. - [URL Encoding Best Practices for Web Developers](https://peasysafe.com/guides/url-encoding-best-practices/) — Proper URL encoding prevents broken links and security vulnerabilities. Learn which characters must be encoded and how to handle international … - [PDF Security Best Practices for Business Documents](https://peasysafe.com/guides/pdf-security-best-practices/) — Business documents often contain sensitive information. Learn how to secure PDFs with encryption, redaction, and metadata removal. - [Privacy-First Password Management Best Practices](https://peasysafe.com/guides/privacy-first-password-management-best-practices/) — Implement strong password hygiene using password managers, MFA, and zero-knowledge architecture. - [Privacy-First Analytics: Alternatives to Google Analytics](https://peasysafe.com/guides/privacy-first-analytics-alternatives/) — Google Analytics collects extensive user data and requires cookie consent banners in the EU. Learn about privacy-respecting alternatives that provide … - [VPN vs Proxy vs Tor: Privacy Tool Comparison](https://peasysafe.com/guides/vpn-vs-proxy-vs-tor-privacy-comparison/) — Compare VPNs, proxy servers, and the Tor network for different privacy and security needs. - [Secure Random Number Generation: When Math.random() Isn't Enough](https://peasysafe.com/guides/secure-random-generation-guide/) — Math.random() is fine for shuffling a playlist but dangerous for passwords, tokens, and cryptographic applications. Learn when and how to … - [Browser Privacy Settings: Essential Configuration Guide](https://peasysafe.com/guides/browser-privacy-settings-configuration-guide/) — Configure your browser for maximum privacy while maintaining website compatibility. - [HTTP Header Security Best Practices](https://peasysafe.com/guides/http-header-security-best-practices/) — Configure security headers including CSP, HSTS, X-Frame-Options, and permissions policy for web applications. - [How to Generate Secure Random Passwords](https://peasysafe.com/guides/how-to-generate-secure-random-passwords/) — Weak passwords remain the leading cause of account compromises. This guide explains the principles behind cryptographically secure password generation and … - [How to Share Files Securely: A Complete Privacy Guide](https://peasysafe.com/guides/secure-file-sharing-privacy-guide/) — Step-by-step guide to sharing sensitive files without exposing your data to third parties. Covers client-side encryption, secure link generation, expiring … - [Digital Privacy Checklist: 15 Steps to Protect Your Online Identity](https://peasysafe.com/guides/digital-privacy-checklist-15-steps/) — A comprehensive checklist covering browser settings, account security, device configuration, and data hygiene practices. Prioritized by impact — start with … - [WiFi QR Codes: Connecting Guests Without Sharing Passwords](https://peasysafe.com/guides/wifi-qr-codes-guest-networks/) — WiFi QR codes let guests connect to a network with a single scan, eliminating the need to dictate complex passwords. … - [VPN vs Proxy vs Tor: Which Privacy Tool Should You Use?](https://peasysafe.com/guides/vpn-vs-proxy-vs-tor-comparison/) — Compare VPNs, proxy servers, and the Tor network across speed, anonymity, cost, and use cases. Understand the threat models each … - [Event Ticket QR Codes: Generation, Validation, and Security](https://peasysafe.com/guides/event-ticket-qr-codes-guide/) — QR codes on event tickets must balance ease of scanning with resistance to duplication and fraud. A well-designed ticket QR … - [Secure Password Generation: Algorithms and Best Practices](https://peasysafe.com/guides/secure-password-generation-algorithms/) — Explore the cryptographic random number generators behind secure password creation. Learn why Math.random() is never sufficient, how CSPRNG works, and … - [How to Block Cookies and Trackers Without Breaking Websites](https://peasysafe.com/guides/block-cookies-trackers-without-breaking-sites/) — Practical guide to configuring cookie and tracker blocking that protects your privacy without causing website breakage. Covers browser settings, extension … - [Archive Format Guide: ZIP, TAR, 7z, and RAR Compared](https://peasysafe.com/guides/archive-format-zip-tar-7z-rar-compared/) — Compare archive formats for compression ratio, speed, encryption, and cross-platform compatibility. Understand the difference between archiving and compression, and when … - [End-to-End Encryption: How It Works and Why It Matters](https://peasysafe.com/guides/end-to-end-encryption-explained/) — A clear explanation of end-to-end encryption for non-technical users. Understand key exchange, the Signal protocol, and why E2EE prevents service … - [Secure Messaging Apps Compared: Signal, WhatsApp, Telegram, and More](https://peasysafe.com/guides/secure-messaging-apps-compared/) — An objective comparison of popular messaging apps focusing on encryption protocols, metadata handling, open-source status, and jurisdiction. Understand the real-world … - [Privacy-Focused Browser Settings: A Configuration Guide](https://peasysafe.com/guides/privacy-focused-browser-settings-guide/) — Detailed configuration guides for Firefox, Chrome, Safari, and Brave with specific settings to maximize privacy while maintaining usability. Includes about:config … - [QR Code Security: Risks, Attacks, and Mitigation Strategies](https://peasysafe.com/guides/qr-code-security-considerations/) — QR codes are inherently trusted by users — most people scan without hesitation. This trust creates attack vectors including phishing, … - [Text Hashing Explained: MD5, SHA-256, and When to Use Each](https://peasysafe.com/guides/text-hashing-md5-sha256-comparison/) — Compare cryptographic and non-cryptographic hash functions. Understand when MD5 is acceptable, when SHA-256 is necessary, and why hash functions are … - [Secure Cloud Storage: Best Practices for Protecting Your Files](https://peasysafe.com/guides/secure-cloud-storage-best-practices/) — Evaluate cloud storage security models and learn how to protect sensitive files before uploading. Covers zero-knowledge providers, client-side encryption, and … - [GDPR Basics for Individuals: Your Data Rights Explained](https://peasysafe.com/guides/gdpr-basics-data-rights-explained/) — Understand your rights under GDPR and similar privacy regulations. Learn how to exercise data access requests, request deletion, and identify … - [Fake Data Generation for Development and Demos](https://peasysafe.com/guides/fake-data-generation-development/) — Realistic fake data populates development databases, demo environments, and test suites without exposing real user information. This guide covers tools, … - [Best Practices for Handling Sensitive Data in the Browser](https://peasysafe.com/guides/handling-sensitive-data-browser-best-practices/) — Guidelines for safely processing passwords, keys, and personal data in client-side JavaScript. Covers memory handling, clipboard security, and preventing data … - [Security Headers: Why Your Website Needs Them and How to Fix Missing Ones](https://peasysafe.com/guides/security-headers-fix-missing-guide/) — Troubleshooting guide for common security header issues. Learn what each header does, how to test your site's header configuration, and … - [Hash Generation and Verification: MD5, SHA, and Beyond](https://peasysafe.com/guides/hash-generation-verification-guide/) — Hash functions produce fixed-size fingerprints of data for integrity verification, password storage, and deduplication. This guide covers the most common … - [Image Metadata and EXIF Data: Reading, Editing, and Removing](https://peasysafe.com/guides/image-metadata-exif-editing-guide/) — Every photo carries hidden metadata — camera settings, GPS coordinates, timestamps, and software information. Understanding how to read, edit, and … - [Random Name and Identity Generation for Testing](https://peasysafe.com/guides/random-name-identity-generation/) — Generating realistic fake identities for testing requires cultural diversity, consistent data relationships, and awareness of privacy regulations. - [Video Metadata and EXIF Data: What Your Files Contain](https://peasysafe.com/guides/video-metadata-exif-data-explained/) — Video files embed metadata about creation date, camera settings, GPS location, and encoding parameters. Understanding this data helps with organization, … - [JWT Token Generation and Structure Explained](https://peasysafe.com/guides/jwt-token-generation-structure/) — JSON Web Tokens (JWT) are the standard for stateless authentication. Understanding their structure, signing algorithms, and security considerations prevents common … ## Glossary (45 terms) - [2FA](https://peasysafe.com/glossary/2fa/) — A security process requiring two distinct forms of identification — typically a password and a … - [AES](https://peasysafe.com/glossary/aes/) — A symmetric block cipher used worldwide for encrypting sensitive data, with key sizes of 128, … - [Argon2](https://peasysafe.com/glossary/argon2/) — The winner of the Password Hashing Competition, designed to be memory-hard and resistant to GPU … - [Certificate Pinning](https://peasysafe.com/glossary/certificate-pinning/) — A technique that associates a host with its expected certificate, preventing man-in-the-middle attacks with forged … - [Checksum](https://peasysafe.com/glossary/checksum/) — A value computed from file data used to verify that the file hasn't been altered … - [Clickjacking](https://peasysafe.com/glossary/clickjacking/) — An attack that tricks users into clicking hidden elements by overlaying invisible frames on top … - [Command Injection](https://peasysafe.com/glossary/command-injection/) — An attack passing arbitrary operating system commands through a vulnerable application to the host system. - [CORS Misconfiguration](https://peasysafe.com/glossary/cors-misconfiguration/) — Overly permissive CORS headers allowing unauthorized origins to read sensitive API responses in the browser. - [CSRF](https://peasysafe.com/glossary/csrf/) — An attack tricking an authenticated user into submitting unintended requests to a web application. - [CVE](https://peasysafe.com/glossary/cve/) — A standardized catalog of publicly known security vulnerabilities, each assigned a unique CVE-YYYY-NNNNN identifier. - [DDoS](https://peasysafe.com/glossary/ddos/) — An attack that overwhelms a server or network with traffic from many distributed sources, making … - [Defense in Depth](https://peasysafe.com/glossary/defense-in-depth/) — A security approach using multiple layers of protection so that if one layer fails, others … - [E2EE](https://peasysafe.com/glossary/e2ee/) — A communication system where only the sender and recipient can read messages, with encryption keys … - [Entropy](https://peasysafe.com/glossary/entropy/) — A measure of randomness or unpredictability in a password, expressed in bits, indicating resistance to … - [FIDO2](https://peasysafe.com/glossary/fido2/) — An authentication standard enabling passwordless login through hardware security keys or biometrics using public key … - [HMAC](https://peasysafe.com/glossary/hmac/) — A mechanism combining a cryptographic hash with a secret key to verify data integrity and … - [HSTS](https://peasysafe.com/glossary/hsts/) — An HTTP header instructing browsers to only connect via HTTPS, preventing protocol downgrade attacks. - [Insecure Deserialization](https://peasysafe.com/glossary/insecure-deserialization/) — A vulnerability where untrusted data is deserialized without validation, potentially enabling remote code execution. - [Key Derivation](https://peasysafe.com/glossary/key-derivation/) — A function that derives one or more secret keys from a password or passphrase using … - [Nonce](https://peasysafe.com/glossary/nonce/) — A random or sequential value used exactly once in cryptographic operations to prevent replay attacks … - [OWASP Top 10](https://peasysafe.com/glossary/owasp-top-10/) — A regularly updated list of the ten most critical web application security risks, published by … - [Password Hashing](https://peasysafe.com/glossary/password-hashing/) — Converting passwords into fixed-length hashes using algorithms like bcrypt or Argon2 for secure storage. - [Path Traversal](https://peasysafe.com/glossary/path-traversal/) — Exploiting insufficient input validation to access files outside the intended directory using ../ sequences. - [Penetration Testing](https://peasysafe.com/glossary/penetration-testing/) — Simulating real-world attacks against a system to identify security vulnerabilities before malicious actors do. - [PGP](https://peasysafe.com/glossary/pgp/) — An encryption program providing cryptographic privacy and authentication for data communication. - [PKI](https://peasysafe.com/glossary/pki/) — A framework of certificate authorities, digital certificates, and key pairs that enables secure encrypted communication … - [Public Key](https://peasysafe.com/glossary/public-key/) — A cryptographic system using paired keys where the public key encrypts and only the private … - [QR Code](https://peasysafe.com/glossary/qr-code/) — A two-dimensional barcode that stores data (URLs, text, contact info) readable by cameras and scanners. - [RBAC](https://peasysafe.com/glossary/rbac/) — An authorization model that assigns permissions to roles rather than individual users, simplifying access management … - [RSA](https://peasysafe.com/glossary/rsa/) — An asymmetric cryptographic algorithm using public/private key pairs for encryption and digital signatures. - [Salt](https://peasysafe.com/glossary/salt/) — Random data added to a password before hashing to ensure identical passwords produce different hashes. - [Sandbox](https://peasysafe.com/glossary/sandbox/) — An isolated execution environment that restricts a program's access to system resources, limiting the impact … - [Sensitive Data Exposure](https://peasysafe.com/glossary/sensitive-data-exposure/) — A vulnerability where applications fail to adequately protect sensitive data like passwords, tokens, or PII … - [SHA-256](https://peasysafe.com/glossary/sha-256/) — A cryptographic hash function producing a 256-bit digest, widely used for data integrity verification. - [SQL Injection](https://peasysafe.com/glossary/sql-injection/) — Inserting malicious SQL code into application queries to access, modify, or delete database data. - [SRI](https://peasysafe.com/glossary/sri/) — An HTML attribute providing a cryptographic hash to verify that fetched resources have not been … - [SSL/TLS](https://peasysafe.com/glossary/ssltls/) — Cryptographic protocols providing secure communication over networks, used for HTTPS. - [SSRF](https://peasysafe.com/glossary/ssrf/) — An attack making the server send requests to unintended internal or external resources on behalf … - [Steganography](https://peasysafe.com/glossary/steganography/) — The practice of hiding secret data within ordinary files (images, audio) without visible change. - [Threat Modeling](https://peasysafe.com/glossary/threat-modeling/) — A structured process for identifying potential threats, attack vectors, and mitigations during system design. - [TOTP](https://peasysafe.com/glossary/totp/) — A temporary passcode generated from a shared secret and the current time, used in two-factor … - [WAF](https://peasysafe.com/glossary/waf/) — A security layer that filters HTTP traffic between a web application and the internet, blocking … - [XSS](https://peasysafe.com/glossary/xss/) — An attack injecting malicious scripts into web pages viewed by other users, stealing data or … - [XXE](https://peasysafe.com/glossary/xxe/) — An attack exploiting XML parsers to access local files, perform SSRF, or cause denial of … - [Zero-Day](https://peasysafe.com/glossary/zero-day/) — A software vulnerability unknown to the vendor and without a patch, actively exploited before a … ## API Base URL: https://peasysafe.com/api/v1/ | Endpoint | Description | |----------|-------------| | GET /api/v1/tools/ | List all tools (filterable by category) | | GET /api/v1/tools/{slug}/ | Tool detail with description, steps, FAQ | | GET /api/v1/categories/ | Tool categories | | GET /api/v1/formats/ | File formats reference | | GET /api/v1/conversions/ | Format conversion guides | | GET /api/v1/glossary/ | Terminology definitions | | GET /api/v1/glossary/{slug}/ | Term with simple + technical explanations, code examples, references | | GET /api/v1/guides/ | Educational guides (filterable by category, audience_level) | | GET /api/v1/guides/{slug}/ | Full guide with content, takeaways, ToC, related guides | | GET /api/v1/use-cases/ | Real-world use cases | | GET /api/v1/search/?q={query} | Cross-model search | | GET /api/v1/sites/ | All 16 Peasy sites | OpenAPI spec: https://peasysafe.com/api/openapi.json Swagger UI: https://peasysafe.com/api/docs/ ## Content Negotiation All pages support Markdown output for AI agents: - Add `?format=md` to any page URL - Or send `Accept: text/markdown` header ## Platform Stats - 251 tools across 16 sites - 131 file formats documented - 1484 format conversion guides - 695 glossary terms - 645 educational guides - 302 real-world use cases Full catalog: https://peasysafe.com/llms-full.txt