Don't trust, verify (the code). Just 60 lines! No third-party code.
Works offline: open aes-gcm-file-encryption.html in a browser.
The encrypted file is indistinguishable from a random sequence of bytes without knowing the key (there are no identifiers).
This tool does not use KDF (Key derivation function; which is used to improve the strength of weak passwords), so it is suggested to use a strong password, or even better, a strong passphrase because passphrases are easier to remember (e.g. 128 bits of entropy in 6 words at wiktionary-passphrase-generator.html).
Details: AES-256-GCM encryption. Key is SHA-256(passphrase). Encrypted file is random 12-byte IV + ciphertext + 16-byte tag. Uses window.crypto browser API (no homemade crypto).
Maximum file size: ~64 GiB (NIST SP 800-38D sec. 5.2.1.1). File size must be less than available RAM as there is no streaming.