AES-256-GCM File Encryption

Don't trust, verify (the code). Just 60 lines! No third-party code. Less code = Less complexity = More security.

Works offline: open aes-256-gcm-file-encryption.html in a browser.

The encrypted file is indistinguishable from a random sequence of bytes without knowing the key (there are no identifiers).

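SHA-256 is used as the KDF (key derivation function) because this tool is designed to be simple and used only with a strong password, or even better, a strong passphrase (e.g. 128 bits of entropy in 6 words at wiktionary-passphrase-generator.html). A single unsalted SHA-256 does no key stretching, so the entropy of the passphrase is the only protection against offline guessing.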

Details: the encryption algorithm is AES-256-GCM (commonly used in HTTPS). The key is SHA-256(UTF-8-encoded passphrase). The encrypted file is a random 12-byte IV + ciphertext + 16-byte tag. Uses the Web Cryptography API (no homemade crypto).
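The format described above, as an added example (not the tool's own code): it builds and parses the IV + ciphertext + tag layout with the Web Cryptography API and shows that a wrong passphrase, a short file or a single flipped bit is rejected. The function names and the sample passphrase are assumptions made for illustration.

```javascript
// Added example; names are assumptions. Web Crypto is a global in browsers
// and recent Node.js; the require() fallback is only reached on older Node.
const wc = globalThis.crypto ?? require("node:crypto").webcrypto;
const IV_LEN = 12;  // random IV stored at the start of the file
const TAG_LEN = 16; // GCM tag that Web Crypto appends to the ciphertext

// Key = SHA-256(UTF-8-encoded passphrase), imported as a non-extractable key.
async function deriveKey(passphrase) {
  const digest = await wc.subtle.digest("SHA-256", new TextEncoder().encode(passphrase));
  return wc.subtle.importKey("raw", digest, "AES-GCM", false, ["encrypt", "decrypt"]);
}

// Output layout: IV (12 bytes) || ciphertext || tag (16 bytes).
async function encryptBytes(passphrase, plaintext) {
  const iv = wc.getRandomValues(new Uint8Array(IV_LEN)); // fresh IV for every file
  const key = await deriveKey(passphrase);
  const body = new Uint8Array(await wc.subtle.encrypt(
    { name: "AES-GCM", iv, tagLength: TAG_LEN * 8 }, key, plaintext));
  const out = new Uint8Array(IV_LEN + body.length);
  out.set(iv, 0);
  out.set(body, IV_LEN);
  return out;
}

// Returns the plaintext, or null when the input is too short or fails
// authentication (wrong passphrase, truncated file, or any modified byte).
async function decryptBytes(passphrase, file) {
  if (file.length < IV_LEN + TAG_LEN) return null;
  const key = await deriveKey(passphrase);
  try {
    return new Uint8Array(await wc.subtle.decrypt(
      { name: "AES-GCM", iv: file.subarray(0, IV_LEN), tagLength: TAG_LEN * 8 },
      key, file.subarray(IV_LEN)));
  } catch {
    return null; // Web Crypto rejects the promise when the tag does not verify
  }
}

// Constructed sample data: round trip, wrong passphrase, one flipped bit.
async function demo() {
  const pass = "constructed sample passphrase";
  const msg = new TextEncoder().encode("hello, GCM");
  const enc = await encryptBytes(pass, msg);
  const text = new TextDecoder().decode(await decryptBytes(pass, enc));
  const wrong = await decryptBytes("other passphrase", enc);
  const tampered = enc.slice(); tampered[IV_LEN] ^= 1; // flip one ciphertext bit
  const bad = await decryptBytes(pass, tampered);
  return { overhead: enc.length - msg.length, text, wrong, bad };
}
```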

Maximum file size: ~64 GiB (NIST SP 800-38D sec. 5.2.1.1). File size must be less than available RAM (Web Cryptography API does not support streaming).