Entropy Analyzer
Calculate Shannon entropy to detect encoded, encrypted or obfuscated strings. Find high-entropy anomalies in log files, source code and environment variables.
Free · No credit card · 50 credits/day
Entropy thresholds
Bits per character — higher means more unpredictable and uniform character distribution.
0 – 3.5 bits
Low entropy
Natural language, structured config files, CSV data, XML. Characters repeat predictably.
Hello, world! → 3.18
username=admin → 2.92
SELECT * FROM users → 3.4
3.5 – 4.5 bits
Medium entropy
Possibly obfuscated or lightly encoded. Typical of CamelCase identifiers, phone numbers, UUIDs.
getUserByEmail → 3.81
a1b2c3d4-e5f6 → 4.0
myP@ssw0rd! → 3.9
4.5 – 7.5 bits
High entropy — suspect
Likely encrypted, Base64-encoded, compressed or a cryptographic hash/key. Investigate further.
SGVsbG8gV29ybGQ= → 5.54 (Base64)
sk_live_abc123xyz → 5.1
eyJhbGciOiJIUzI1... → 5.7 (JWT)
7.5 – 8.0 bits
Near-random / binary
Raw binary data, compressed output, strong encryption ciphertext. Virtually uniform distribution.
Random 32-byte key → 7.8+
AES-256 ciphertext → ~8.0
gzip compressed → 7.5+
Security research use cases
Paste environment variables or config files and check for high-entropy strings that could be API keys, private keys or passwords accidentally committed to version control.
Obfuscated malware often stores encrypted payloads as high-entropy string literals. Run the line-by-line mode on suspicious code to locate the encoded payload.
Paste log lines and sort by entropy. Encoded exfiltration traffic, injected tokens and obfuscated commands show up as statistical outliers among normal low-entropy log data.
A generated API key or secret should score near 6 bits/char (Base62 charset). Lower scores suggest weak generation — sequential IDs, timestamps or predictable patterns.
When given an unknown string in a CTF, entropy is the fastest first step — it tells you immediately whether you're dealing with ciphertext, encoding, or plaintext.
Near-random entropy (7.5+) in a file or string may indicate gzip, zlib or brotli compressed data stored as a raw byte sequence.
Frequently asked questions
Related tools
More tools for encoding and security analysis.
Analyze a string now
Free account. 50 credits per day. Access to 75+ tools instantly.
Create free account →