ZeroTrace OSINT
Utilities & Decoders
The day-to-day utility tools — encoders, decoders, defangers, timestamp converters, URL tools, user-agent parser, paste-site search.
The Utilities discipline is the swiss-army-knife category. Each tool here is small, fast, and the right answer for a specific cheap operation an investigator runs many times a day.
What's in this section
| Tool | What it does |
|---|---|
| Encoders & decoders | Base64, hex, JSON, port reference, CIDR — the conversion utilities |
| JWT decoder | Header / payload / signature parsing, signature verify, alg-confusion warning |
| Defang | Defang and refang IOCs in multiple formats (CyberChef, MISP, STIX) |
| Timestamps | Unix / UTC / local / ISO / Windows FILETIME / Apple Cocoa / LDAP / WebKit conversions |
| URL tools | URL parser, URL analyzer with suspicion scoring, IDN homograph detection |
| User-agent parser | Browser / engine / OS / device / bot identification with version staleness |
| Pastebin search | Cross-source search of pastebin sites and Github gists |
Every tool in this section supports bulk-paste mode. Many investigations boil down to "convert this column from X to Y for two thousand rows" — bulk paste turns that from a task into a moment.
Common starting points
| You have... | Best first tool |
|---|---|
| A base64 string of unknown content | Encoders & decoders (auto-detect mode) |
| A JWT from a log line | JWT decoder |
| A URL or IP about to be shared in a chat | Defang |
| A weird Unix timestamp | Timestamps |
| A URL you want to dissect | URL tools |
| A user-agent string from a log | User-agent parser |
| A leaked secret you suspect ended up on a paste site | Pastebin search |