PacketNebula

Tools + answers for the people who keep things running

Your network questions, answered in seconds.

Free, fast, browser-based tools for sysadmins, developers and security folks. No accounts, no uploads, no tracking your inputs. Plus field guides that give you the answer first and the theory after.

Browse all tools Read the guides
12tools, all free
100%browser-based where possible
0accounts required

Flagship tools

All tools →

Security

Password Generator

Cryptographically secure passwords and passphrases, with real crack-time estimates.

Runs in your browser

Network

IPv4 Subnet Calculator

CIDR, masks, ranges and subnet splitting with a visual map of the address space.

Runs in your browser

Dev

JWT Decoder

Decode and inspect JSON Web Tokens locally, with expiry timeline and signature check.

Runs in your browser

Dev

Cron Expression Builder

Build cron schedules with buttons, see the next 10 runs instantly.

Runs in your browser

Network

DNS Lookup

A, AAAA, MX, TXT, NS, CNAME and more, with response times and copy-ready records.

Security

SSL Certificate Checker

Expiry countdown, chain details, protocol and SAN list for any HTTPS host.

By category

Developer tools

Decode, build and debug faster: JWT, cron, encodings and more.

Network tools

Subnets, DNS, IPs: the daily bread of network admins, done right.

Security tools

Passwords, TLS certificates and the things that keep you off incident calls.

Email & DNS tools

SPF, DKIM, MX and the plumbing behind deliverability.

SEO tools

Technical SEO checks that actually move rankings.

Sysadmin tools

Converters, calculators and cheats for people who run servers.

Latest articles

All articles →
Answer card: a random 8 character password falls in under 2 hours offline, while 16 random characters hold for 1.4 trillion years at the same speed.

Security

How long does it take to crack a password in 2026?

Real crack times for 2026: an 8 character password falls in under 2 hours offline, 16 characters holds for ages. The math, the hardware and what to do.

 Answer card: JWTs are not encrypted, anyone can read them; the signature proves who issued the token, not who may read it.

Security

Are JWTs encrypted? No, and the difference will bite you

JWTs are encoded and signed, not encrypted: anyone holding a token can read every claim. What the signature really protects and what never belongs in a payload.

 Answer card: three DNS records decide if your mail lands or bounces; SPF lists allowed senders, DKIM signs messages, DMARC sets the failure policy.

Email/DNS

SPF, DKIM and DMARC explained: the records your email needs

SPF lists who may send for your domain, DKIM signs each message, DMARC sets the policy when checks fail. How the trio works and how to deploy it safely.