Developer tools
Utilities to speed up everyday development work.
Developer tools directory
JSON Formatter
Format, validate and minify JSON in one click.
XML Formatter
Format and validate XML documents.
HTML Minifier
Minify, optimize and validate HTML in one workspace.
JavaScript Minifier
Minify, beautify and analyze JavaScript safely.
CSS Minifier
Minify, beautify and analyze CSS safely.
Hash Generator
MD5 + SHA-1/256/384/512 of text or file, with HMAC support.
Regex Tester
Test, debug and build regular expressions in real time.
JWT Decoder
Decode, inspect and verify JSON Web Tokens.
Secure Notes Tool
Password-encrypted notes that never leave your browser.
Clipboard Manager
Save, search and re-use your clipboard history.
Internet Speed Test
Measure your download, upload, ping and jitter.
Ping Test Tool
Measure round-trip latency to any host from your browser.
IP Address Finder
See your public IP, location, ISP and network details.
DNS Lookup Tool
Resolve A, AAAA, MX, TXT, CNAME, NS, SOA and CAA records.
Browser Information Checker
See your browser, locale, permissions and web-API support.
Device Information Checker
Detect device type, OS, screen, GPU and hardware specs.
Battery Status Checker
See your battery level, charging state and remaining time.
Screen Resolution Checker
Detect screen size, viewport, DPR, color depth and refresh rate.
Keyboard Tester
Test every key on your keyboard — instantly, in the browser.
Mouse Click Tester
Test every mouse button, double-click, scroll and CPS.
Mic Test Tool
Live mic level, waveform and quick record-and-playback.
Webcam Test Tool
Live webcam preview with resolution, FPS, snapshots and record.
Text Diff Checker
Compare two texts side-by-side with highlighted differences.
Duplicate Line Remover
Remove duplicate lines from any text or list.
Line Sorter
Sort lines alphabetically, numerically, by length or randomly.
Secure File Shredder
Overwrite a file's bytes with crypto-random data before download.
Session ID Generator
Generate cryptographically random session tokens.
API Key Generator
Generate Stripe-, GitHub- and OpenAI-style API keys.
Encryption Key Generator
Generate AES, RSA, ECDSA, ECDH and HMAC keys via Web Crypto.
JWT Generator
Sign and generate HMAC JSON Web Tokens.
Cron Time Translator
Translate cron expressions into English + next runs.
Cron Job Expression Generator
Build cron expressions with a visual field editor.
Regex Generator
Curated regex library + visual builder + live tester.
SQL Formatter
Beautify SQL with proper indentation and uppercase keywords.
SQL Query Beautifier
Column-aligned SQL formatter — keyword case, comma style, indent, SELECT alignment.
TOML Formatter
Parse, validate and pretty-print TOML configuration.
Code Screenshot Generator
Render code as a shareable PNG — six themes, eight languages, line numbers, window chrome.
Terminal Command Cheat Sheet
Searchable reference — Bash, Git, Docker, networking, macOS, Linux.
Keyboard Shortcut Generator
Build sectioned cheat sheets — styled `<kbd>` chips, Markdown + plain-text export.
API Response Viewer
Auto-detect JSON / XML, collapsible tree, JSONPath/XPath search.
HTTP Header Checker
Paste a response and audit security, caching, CORS and content headers.
MIME Type Checker
Magic-byte detection — true MIME from the file's first 512 bytes.
Website Source Viewer
Paste HTML, prettify + extract outline, scripts, styles, links, images, meta tags.
MAC Address Lookup
Find the vendor + classification for any MAC address.
UUID Validator
Verify any UUID and detect its version (v1-v8).
SSL Certificate Checker
Paste PEM — parse X.509 v3, days-till-expiry, SAN, key bits, SHA-256 fingerprint.
Duplicate File Name Cleaner
Find duplicate file names and propose unique renames.
File Metadata Viewer
Pick a file — name, size, MIME sniff, dimensions, duration, SHA-256, hex dump.
EXIF Data Remover
Strip EXIF/IPTC/ICC from JPEG losslessly + PNG/WebP via re-encode.
Unicode Character Finder
Curated Unicode catalogue with code-point and escape lookups.
Keyboard Layout Visualizer
Compare QWERTY, Dvorak, Colemak, AZERTY, Workman + finger load analyser.
Fake JSON Data Generator
Schema-driven fake JSON for mocking APIs (crypto-strong randomness).
SQL Dummy Data Generator
Schema-driven INSERT statements for PostgreSQL / MySQL / SQL Server.
Random File Generator
Generate test files up to 100 MB — text, lorem, binary, zeros or PNG noise.
Broken Link Checker
Paste HTML — catch empty hrefs, placeholders, mixed content, missing noopener, tracking-params.
Meta Tag Analyzer
Holistic SEO meta audit — score, breakdown by category, every meta tag explained.
Redirect Chain Checker
Paste `curl -IL` output — every hop's status, Location, server, signals.
Canonical URL Checker
Paste HTML; audit canonical, og:url, twitter:url, hreflang and normalise URLs.
Mobile-Friendly Test
Paste HTML — score 0-100 across viewport, tap targets, fonts, plugins, fixed widths.
Website Cache Checker
Paste HTTP response — deep Cache-Control + ETag + Vary + CDN-cache-status audit.
CDN Checker
Fingerprint the CDN from response headers — Cloudflare, Fastly, Akamai, CloudFront, Vercel, more.
SSL Expiry Reminder
Paste a PEM cert — generate a calendar reminder (.ics) before it expires.
Website Uptime Monitor
Browser-side poller — track a list of URLs, see live up/down timeline.
Domain Age Checker
Paste WHOIS — extract creation / expiry, compute age + days-till-expiry.
DKIM Record Checker
Paste DKIM TXT — validate tags, RSA key length, allowed hashes + service types.
DMARC Record Checker
Paste DMARC TXT — validate policy, alignment, percentage, report URIs; 0-100 score.
Developer utilities that save you a context switch
Every developer keeps a mental drawer of tiny tools they reach for a dozen times a day: something to pretty-print a blob of JSON, decode a JWT to see what is inside it, hash a string, escape some HTML, test a regular expression, or generate a UUID. None of these is hard, but each one interrupts your flow if you have to go find a tool, and many of the sites that offer them are slow, ad-choked, or — worst of all — quietly send whatever you paste to a server you do not control. The developer category collects these utilities in one place, runs them entirely in your browser, and gets out of your way.
That last point matters more than it sounds. Developers routinely paste things that are sensitive by nature: tokens, API responses, config fragments, internal URLs, sample records that may contain real data. A formatting or decoding tool that uploads your input is a genuine security risk. Because everything here executes locally, you can decode a production JWT or format a response containing customer fields without that data ever leaving your machine — exactly the property you want from a tool you use on real work.
The utilities in this toolbox
The collection covers the operations that come up constantly in day-to-day coding. Data-format tools format, validate and minify JSON, XML and similar structures, turning an unreadable single line into something you can actually inspect — or collapsing a formatted file back down for transport. Encoding and decoding tools handle Base64, URL encoding, HTML entity escaping and JWT inspection, the conversions that sit at the boundaries between systems and are easy to get subtly wrong by hand.
Hashing and identifier tools generate MD5, SHA and similar digests, produce UUIDs, and create random tokens — useful for checksums, cache keys, test fixtures and seeding. Pattern tools let you build and test regular expressions interactively, so you can see exactly what a pattern matches before you drop it into code. And a set of smaller helpers covers the rest: escaping strings, converting between cases used in code, and inspecting structured data. Each is a focused single-purpose tool rather than a bloated all-in-one, which is what makes them fast to load and quick to use.
- Pretty-printing and validating a JSON payload to find a missing comma or bracket.
- Decoding a JWT to read its header and claims without trusting an external service.
- Encoding or decoding Base64 and URL-encoded strings while debugging an API.
- Generating a UUID or a batch of them for tests, seeds or database records.
- Hashing a string to verify a checksum or build a deterministic key.
- Building and testing a regular expression against sample input before shipping it.
Things developers commonly do here:
Why local processing is non-negotiable for dev tools
A formatter or decoder seems harmless, but the input you give it often is not. Consider a JWT: it carries a header, a set of claims, and a signature, and developers paste real tokens into decoders all the time to debug auth issues. If that decoder runs on a server, you have just handed a third party a valid token and whatever identity and permissions it encodes. The same logic applies to API responses full of internal IDs, to config snippets containing endpoints, and to any data that hints at how your systems are built.
Running the tool in the browser eliminates the exposure entirely. The token is decoded by JavaScript executing on your own CPU; nothing is logged, stored or transmitted. This is not a nice-to-have for developer tooling — it is the baseline. It means you can use these utilities on production data, on client projects under NDA, and on anything you would never paste into a random website, with the same confidence you would have using a local command-line tool.
Validation catches bugs before they ship
A large share of integration bugs trace back to malformed data: a JSON document with a trailing comma, an XML file with an unclosed tag, a Base64 string with the wrong padding. These errors are easy to make and frustrating to find because the failure often surfaces far from its cause. Running a payload through a validator turns a vague downstream crash into a precise message pointing at the exact line and character where the structure breaks.
Treating validation as a habit — paste, validate, then use — pays for itself quickly. Formatting a response so you can read it often reveals the problem on sight: a field that is null when you expected a value, an array where you expected an object, a number stored as a string. The regex tester serves the same purpose for patterns, letting you confirm a match against real examples before the pattern reaches code where a false match could be costly.
Built to fit into a workflow
These tools are deliberately minimal because their job is to be fast, not to be a destination. They load quickly, do one thing, give you a copyable result, and let you get back to your editor. There is no account to create, no limit on how many times you can use them, and no waiting on a server round trip. For the small, frequent operations that punctuate a coding session, that responsiveness is the whole point — a tool that takes five seconds to load defeats the purpose of a five-second task.
Getting regular expressions right the first time
Regular expressions are one of the most powerful tools a developer has and one of the easiest to get subtly wrong. A pattern that looks correct can match more than you intended, miss an edge case, or behave differently than expected because of how a particular engine treats greedy quantifiers, anchors, or character classes. The danger is that a flawed regex often works on the examples you tried and fails silently on the ones you did not — in validation, in a search-and-replace, or in a parser where a false match corrupts data.
An interactive tester removes the guesswork by letting you see exactly what a pattern matches as you build it. You paste in representative input — including the awkward cases, the empty strings, the values with unusual characters — and watch the matches highlight in real time. That immediate feedback turns regex from a write-and-pray exercise into something you can verify before it ever reaches your code, where a mistake is far more expensive to find.
It also makes regex approachable for the operations developers actually need most of the time: extracting a field, validating a format, replacing a pattern across a block of text. Rather than memorizing the full syntax, you can iterate quickly toward a pattern that does the job, confirm it against real and adversarial examples, and copy it out with confidence. For a tool used to gatekeep or transform data, that confidence is the difference between a quiet bug and a reliable check.
The broader lesson applies to every tool in this toolbox: verify before you trust. A formatter shows you the shape of your data, a validator confirms it parses, a decoder reveals what a token really contains, and a tester proves a pattern matches what you think it does. Each one replaces an assumption with evidence, and assumptions are where most integration bugs are born. Building the habit of checking the small things — the structure, the encoding, the match — with a quick local tool is one of the cheapest forms of insurance a developer has against the expensive bugs that surface in production.
Frequently asked questions
Is it safe to decode a real JWT or paste API data here?
Yes. Every developer tool in this category runs entirely in your browser, so a token or response you paste is decoded and processed on your own device and never sent to a server. That makes it safe to inspect production tokens and data that would be risky to paste into a server-backed tool.
Why is my JSON failing to validate?
The most common causes are a trailing comma after the last item, single quotes instead of double quotes around keys or strings, an unquoted key, or a missing closing bracket. A validator points to the exact line and character where parsing breaks, which usually makes the fix obvious at a glance.
What is the difference between encoding and hashing?
Encoding (like Base64 or URL encoding) is reversible — it transforms data into a transport-safe form that can be decoded back to the original. Hashing (like SHA-256) is one-way — it produces a fixed-length fingerprint that cannot be reversed, which is why it is used for checksums and integrity checks rather than for storing recoverable data.
Are the generated UUIDs and tokens actually random?
They are produced using the browser's cryptographic random number generator where appropriate, which is suitable for identifiers, test data and non-secret keys. For high-security secrets you should still follow your platform's recommended key-generation practices, but for everyday development the output is more than adequate.
Do I need to install anything to use these tools?
No. They are plain web pages that run in any modern browser with no installation, account or extension required. Once a page has loaded it also keeps working offline, since the logic runs locally rather than calling out to a server.