Every security professional needs a fast, reliable way to encode, decode, hash, and analyze data. Cipher Forge is TLZSOFT’s answer — a browser-based cryptography playground with 50+ operations, a chainable pipeline, and zero server-side processing. Everything runs locally in your browser.
The standout feature is the transform pipeline. Click Base64 Decode, then JSON Prettify, then Extract URLs — each operation feeds its output into the next. This mirrors how real analysts work: JWT tokens need to be decoded before the payload can be read, hex dumps need to be converted before hashing, XOR-encrypted strings need the key before they reveal content.
Encoding: Base64, Base64URL, URL encode/decode, HTML entities. Hex/Binary: hex dumps, binary, octal, decimal, cross-format conversion. Classical ciphers: ROT13, ROT47, Caesar with brute-force, Atbash, Morse code. Hashing: MD5, SHA-1, SHA-256, SHA-512 via native SubtleCrypto. XOR: with custom key, with hex output. Analysis: encoding detection, JWT decode, extract URLs/IPs/emails/hashes from any blob. Format: JSON prettify/minify, SQL prettify, Unicode escapes. Crypto utilities: UUID generation, secure random passwords, HMAC-SHA256.
One design detail worth noting: the live Shannon entropy meter. As you type or paste input, a gradient bar slides from green (low entropy, plain text) through gold to red (high entropy, likely encrypted or compressed). The header shows the exact entropy value in bits per character. High entropy with no recognizable structure = probably encrypted. Low entropy with repeating patterns = likely encoded, not encrypted.
Use it at tlzsoft.com/cipher-forge — no account required.