diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5710574..c04f791 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,14 @@ Versioning: CalVer (`YY.N`) — same scheme as the core Furtka repo.
 
 ## [Unreleased]
 
+### Added
+
+- **IT-Tools** (v1.0.0, image `corentinth/it-tools:latest`). A browser
+  toolbox: password/UUID/QR generators, hash and HMAC, Base64 / URL /
+  JWT decoders, JSON/YAML/SQL formatters, regex tester, cron parser,
+  subnet calculator, and the usual long tail. Runs fully client-side —
+  no state, no volumes, no settings. Serves on port 8080.
+
 ## [26.8-alpha] - 2026-04-21
 
 ### Changed
diff --git a/apps/it-tools/docker-compose.yaml b/apps/it-tools/docker-compose.yaml
new file mode 100644
index 0000000..741b74c
--- /dev/null
+++ b/apps/it-tools/docker-compose.yaml
@@ -0,0 +1,20 @@
+# Furtka IT-Tools — browser-side utility toolbox.
+#
+# IT-Tools is a purely static single-page app: the container serves
+# prebuilt HTML/JS and does all work client-side. No state, no volumes,
+# no env knobs — that's why this app has no manifest.settings and no
+# .env.example.
+#
+# TODO(image-pin): `:latest` is shaky for production — pin to a digest
+# (`corentinth/it-tools@sha256:...`) or a stable tag once we've verified
+# one against the upstream registry. For the MVP run we accept the drift
+# risk to keep the install reproducible against whatever the upstream
+# image happens to be on test day; revisit before any non-developer
+# touches this.
+
+services:
+  it-tools:
+    image: corentinth/it-tools:latest
+    restart: unless-stopped
+    ports:
+      - "8080:80"
diff --git a/apps/it-tools/icon.svg b/apps/it-tools/icon.svg
new file mode 100644
index 0000000..7cddee6
--- /dev/null
+++ b/apps/it-tools/icon.svg
@@ -0,0 +1,5 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 64 64" aria-hidden="true" fill="none" stroke="currentColor" stroke-width="3" stroke-linecap="round" stroke-linejoin="round">
+  <circle cx="32" cy="32" r="26" opacity="0.28"/>
+  <path d="M42 14 L50 22 L44 28 L38 22 Z M40 26 L22 44 L18 48 L14 44 L18 40 L36 22"/>
+  <path d="M16 50 L20 46"/>
+</svg>
diff --git a/apps/it-tools/manifest.json b/apps/it-tools/manifest.json
new file mode 100644
index 0000000..4772eb8
--- /dev/null
+++ b/apps/it-tools/manifest.json
@@ -0,0 +1,11 @@
+{
+  "name": "it-tools",
+  "display_name": "IT-Tools",
+  "version": "1.0.0",
+  "description": "Collection of small developer and admin utilities in one web UI.",
+  "description_long": "Werkzeugkasten für den Browser: Passwörter generieren, Hashes berechnen, JSON/YAML formatieren, Base64 en- und dekodieren, JWTs lesen, Regex testen, UUIDs oder QR-Codes erzeugen und vieles mehr. Läuft komplett im Browser — es werden keine Daten an externe Dienste gesendet.",
+  "volumes": [],
+  "ports": [8080],
+  "icon": "icon.svg",
+  "open_url": "http://{host}:8080/"
+}