jarvisbox

jarvisbox /

プライバシーツール

共有前にメタデータと機密情報を削除 — 完全クライアントサイド。

100% クライアントサイド · ファイルはデバイスから出ません

プライバシーツール

Why browser-only privacy tools?

Most online privacy tools are ironically hosted on servers that log your input. Pasting a password into a "strength checker" hosted by an unknown party defeats the purpose. Every tool on this page runs entirely in your browser using standard Web APIs — Web Crypto for hashing, Canvas for image redaction, DOMParser for HTML scanning. Nothing is sent anywhere, and the tools work offline once loaded.

The sole exception is the Password Breach Check, which uses the Have I Been Pwned k-anonymity model: your password is hashed locally, only the first 5 hex characters of the hash are sent to the API, and matching is done in your browser. The full password and full hash never leave your device.

Choosing the right tool

To clean a URL before sharing, use the URL Tracker Cleaner. To audit an email or web page for surveillance scripts, use the Tracking Pixel Detector or Strip HTML Tracking. Before sharing a document, run it through the File Metadata Cleaner to remove author and device information. To blur or black out faces and sensitive text in photos, use the Image Redactor. To verify a downloaded file has not been tampered with, use the File Hash Calculator.

よくある質問

Are these privacy tools truly private?
Yes. Every tool on this page runs entirely in your browser. Files, passwords, and HTML you paste are never sent to a server. The only exception is the Password Breach Check, which sends only the first 5 characters of a SHA-1 hash to the Have I Been Pwned API — not the password itself.
What are URL tracking parameters?
Tracking parameters like utm_source, utm_medium, fbclid, and gclid are appended to URLs by marketers to measure traffic sources. They reveal your browsing path to the site owner and ad platforms. Removing them before sharing a URL protects the recipient's privacy.
What is a tracking pixel?
A tracking pixel is a 1×1 transparent image embedded in emails or web pages. When loaded, it notifies the sender that you opened the email or visited the page, along with your IP address and timestamp. The Tracking Pixel Detector tool scans HTML to identify these.
Why should I strip file metadata?
PDF and Office files embed metadata including the author name, creation date, software version, and sometimes GPS coordinates from photos embedded in the document. Sharing a file without stripping this metadata can inadvertently reveal personal information.
How does the k-anonymity breach check work?
The Breach Check tool hashes your password with SHA-1 locally, then sends only the first 5 characters of that hash to the Have I Been Pwned API. The API returns all hashes starting with those 5 characters, and the tool checks locally whether yours is in the list. Your full password or hash never leaves your browser.
What does redacting an image do?
The Image Redactor lets you draw black rectangles over sensitive areas — faces, license plates, document numbers — before sharing a photo. All processing happens on your device using the Canvas API.
Why verify a file hash?
When you download software or documents from the internet, the publisher often provides a SHA-256 hash. Computing the hash of the downloaded file and comparing it to the published value confirms the file was not tampered with or corrupted during download.
Do these tools work offline?
All tools except Password Breach Check work offline once the page is loaded. Breach Check requires a network request to the Have I Been Pwned API. All other tools use only built-in browser APIs and ship no external runtime dependencies.
このツールの問題を報告