Utility Pages
Free Tools

Free Developer Tools

JSON, regex, hashing, JWT, encoding, diff, and more — fast, browser-only, no signup. Your data never leaves your device.

Developer utilities you reach for daily: format that JSON response, decode that JWT, test that regex, generate that UUID. Every tool here runs entirely in your browser — no API call, no logging, no telemetry. Paste a JWT containing user data without worrying about leaks.

JSON Formatter & Validator
Pretty-print, minify, sort keys, error line/column
Regex Tester
Live highlighting, capture groups, all flags, replace mode
Hash Generator
SHA-256, SHA-384, SHA-512, SHA-1, MD5
Base64 Encoder/Decoder
Standard + URL-safe variant
URL Encoder/Decoder
Component or full-URL percent-encoding
JWT Decoder
Header, payload, claims with timestamp parsing
UUID Generator
v4 (random) or v7 (timestamp-ordered) — bulk export
Password Generator
Strong, cryptographically random — with strength meter
Lorem Ipsum Generator
Classic, bacon, hipster, geek themes
Diff Checker
Side-by-side or unified text diff
Markdown to HTML
Live preview, GFM, copy clean HTML
URL Slug Generator
Clean SEO slugs from any title
AI Token Counter
GPT, Claude, Gemini cost estimator
Px to REM Converter
CSS unit converter with Tailwind reference

Frequently Asked Questions

Are these tools privacy-safe?
Yes. Most run 100% client-side — your data (JSON, JWTs, passwords, regex patterns) is processed in your browser and never sent to a server. The only exception: the AI Token Counter does the tokenization client-side too. We don't log, store, or analyze inputs.
Do you have a CLI version?
Not yet — these are designed for quick, one-off web use. For regular dev workflows, we recommend the standard Unix tools: jq for JSON, openssl for hashes, base64 utility, etc. Our tools shine when you need a quick UI without leaving the browser.
Why do you need to validate JSON / decode JWTs?
JSON: when an API returns malformed JSON, an error message like "Unexpected token at position 4521" is useless without a tool that highlights the exact line. JWTs: pasted from a debugger or HTTP header, they're opaque base64url — decoding shows you the claims and expiration without verifying the signature.
Can I use these in commercial projects?
Use them however you want — they're free utility tools. We don't claim ownership over any output (formatted JSON, generated UUIDs, hashed values, etc.).
Are passwords from your generator really random?
Yes. We use the browser's crypto.getRandomValues() (cryptographically secure RNG, the same primitive Node.js, Python's secrets, and Go's crypto/rand use). Good enough for production secrets — though for actual deployment you'd want a secret manager, not copy-paste.