Interactive cybersecurity tools — 17 widgets across 5 domains. All client-side, no data leaves your browser.
3 Offensive3 Defensive4 Tools4 Frameworks4 Crypto
Designed & built by Mohammed AlYahya
Network Reconnaissance
> Network Reconnaissance Simulator
root@kali:~#
Click a preset or type a command to start scanning...
Rendering XSS safely — the defender view
XSS: safe vs unsafe rendering
A side-by-side of how the same input renders through innerHTML versus textContent. I use this to explain to engineers why sanitization is a rendering-layer decision, not a validation decision.
VULNERABLE (innerHTML)
SANITIZED (textContent)
Email Threat Analysis
> Email Phishing Analyzer
Paste email headers below to analyze for phishing indicators.
Log Threat Detection
> Log Analyzer — Threat Detection
Security Headers Audit
> Security Headers Scanner
Subnet Calculator
> Subnet Calculator
CVE Lookup
> CVE Vulnerability Lookup
> Enter a CVE ID or click a famous vulnerability above
JWT Token Inspector
> JWT Token Decoder
Password Strength Analyzer
> Password Strength Analyzer
> Waiting for input...
STRIDE Threat Modeling
> STRIDE Threat Modeler
Select an asset type to generate a STRIDE threat model with recommended mitigations.
> Select an asset type above to begin threat modeling.
Incident Response (NIST 800-61)
> Incident Response Framework (NIST SP 800-61)
MITRE ATT&CK Skill Matrix
> MITRE ATT&CK Skill Matrix
Reconnaissance90%
Initial Access85%
Execution80%
Persistence75%
Privilege Escalation88%
Defense Evasion70%
Credential Access82%
Discovery90%
Lateral Movement78%
Collection72%
Exfiltration65%
Impact60%
Security Milestones
> Security Milestones
2023-01
ECC/TCC National Audits
Executed ECC/TCC audits for national infrastructure
2023-06
NCA/CST/CMMC Compliance
Led compliance initiatives achieving full NCA
2024-01
Enterprise Risk Framework
Spearheaded enterprise-wide IT and cybersecurity risk assessments aligned with SAMA ITGF
2024-06
DLP & FIM Deployment
Architected and deployed Data Loss Prevention and File Integrity Monitoring solutions to reduce insider threat exposure
2025-01
Risk Reporting Transformation
Embedded KRIs and residual risk scoring into Jira
Encryption & Hashing
> Encryption & Hashing Playground
> Enter text above to see hashes and encodings
Caesar Cipher
> Caesar Cipher Encoder/Decoder
13
DNS Resolution
> DNS Resolution Visualizer
💻
Browser
🔍
Recursive Resolver
🌐
Root Server
🏢
TLD Server
📋
Authoritative Server
TCP/TLS Handshake
> TCP/TLS Handshake Visualizer
CLIENT
SERVER
Saqr — GRC Intelligence
NCA · SAMA · CST · Aramco · PDPL · ISO 27001
I'm Saqr. Ask me anything about Saudi cybersecurity or data frameworks — I can explain a control, compare two frameworks, or tell you where to start a program. Verify anything critical against the official regulator before you act on it.
Educational, not legal advice. Verify against official NCA, SAMA, CST, and SDAIA sources.