URL Encoder/Decoder

URL encoding with multiple modes

URL Encoder/Decoder

Professional URL encoding and decoding tool with support for standard, component, and multiple encoding levels

Input

Enter text to encode using Standard URL Encoding

Encoding Mode

Plain Text

Output

URL Encoded result

URL Encoded Text

Quick Examples

Click any example to try it

Basic URL with spaces

component

Original:

hello world test

Encoded:

hello%20world%20test

Special characters

component

Original:

[email protected]?param=value&other=123

Encoded:

user%40domain.com%3Fparam%3Dvalue%26other%3D123

CTF Flag format

component

Original:

CTF{url_encoding_is_easy}

Encoded:

CTF%7Burl_encoding_is_easy%7D

Double encoded

double

Original:

admin

Encoded:

%2561%2564%256D%2569%256E

SQL injection payload

component

Original:

' OR 1=1 --

Encoded:

%27%20OR%201%3D1%20--

Path traversal

component

Original:

../../../etc/passwd

Encoded:

..%2F..%2F..%2Fetc%2Fpasswd

URL Encoding Reference

Common characters and their URL encoded equivalents

%20

Space

%21

Exclamation

%22

Quote

%23

Hash

%24

Dollar

%25

Percent

%26

Ampersand

%27

Apostrophe

(

%28

Left Paren

)

%29

Right Paren

%2B

Plus

%2C

Comma

%2F

Slash

%3A

Colon

;

%3B

Semicolon

%3D

Equals

%3F

Question

%40

[

%5B

Left Bracket

]

%5D

Right Bracket

CTF Tips for URL Encoding

• Look for URL encoded data in HTTP requests and responses
• Try double or triple encoding for bypassing filters
• Check for URL encoded SQL injection payloads
• Some systems decode multiple times automatically
• URL encoding can hide malicious payloads from detection
• Compare encodeURI() vs encodeURIComponent() behavior
• Watch for mixed encoding schemes in the same string