Privacy & Security

Last updated: 2026-05-03

The one-sentence version

Every operation - encryption, decoding, hashing, steganography, analysis - runs entirely inside your browser. Your input never leaves your device. There are no servers. There is nothing to leak.

What we collect

Data type Sent to server? Stored?
Tool inputs (text, files, keys, passwords) Never Not persisted
Analytics / usage Never Nothing collected
Cookies None set No server, no cookies
IP address Never logged by CyberTools GitHub Pages may log standard hosting metadata (see below)
Theme preference, recent tools Never localStorage only (stays on your device)

How to verify this yourself - in 60 seconds

Trust should not require faith. Open DevTools and check for yourself:

  1. Open any CyberTools page in your browser.
  2. Open DevTools: F12 (Windows/Linux) or Cmd+Option+I (Mac).
  3. Click the Network tab. Click the clear button (🚫) to empty the log.
  4. Use a tool - paste text, encode something, decrypt a JWT, compute a hash.
  5. Observe the Network tab. Zero new requests will appear after the initial page load. Your data stayed entirely in your browser.

localStorage usage

CyberTools uses your browser's localStorage for the following - this data never leaves your device:

  • ct-theme - your dark/light preference.
  • ct-history - the last 10 tools you visited (IDs only, no input data).
  • ct-favorites - tools you have starred.
  • ct-visit-count - visit count for the PWA install prompt.
  • ct-install-dismissed - whether you dismissed the install prompt.

To clear everything: open your browser's DevTools → Application → Storage → Clear Site Data.

Third-party dependencies

CyberTools self-hosts every dependency. No external CDN requests are made at runtime. All assets are served from the same origin.

Dependency Purpose Source
Tailwind CSS Styling utilities Built locally, committed to repo
Inter font UI typography Self-hosted woff2
JetBrains Mono Code/output typography Self-hosted woff2

Open-source transparency

CyberTools is fully open-source under the MIT License. Every line of code is publicly auditable. If you find a discrepancy between this policy and the code, the code is authoritative - and we'd appreciate a bug report.

View source on GitHub SECURITY.md Report a security issue

GitHub Pages hosting

CyberTools is hosted on GitHub Pages. GitHub may collect standard web server logs (IP address, timestamp, user-agent) as part of serving the static files. This is GitHub's standard infrastructure logging and is outside of CyberTools' control. See GitHub's privacy statement for details. CyberTools itself adds zero tracking on top of this.