About Online Dev Tools

Who built this

Online Dev Tools was created and is maintained by Ced, a software and security engineer who got tired of pasting sensitive tokens into random tools on the internet. The question that started this project was straightforward: why should a JWT, a private IP range, or a hash input ever leave your browser The answer was that it should not - and almost every existing tool was getting that wrong.

The first version was a personal scratch pad: a few HTML files that lived locally and ran JSON formatting and JWT decoding without making a single network request. Over time those files grew into a platform, the tools got more capable, and the underlying rule stayed the same - if your input can stay in the browser, it stays in the browser.

What this site is

Online Dev Tools is an independent platform of browser-based utilities built for developers, IT professionals, and security engineers. Every tool on the site is designed to solve one specific problem cleanly - without requiring an account, without storing your data, and without slowing down to load a framework that weighs more than the work you are actually trying to do.

The tool categories reflect the kind of work the site was built around:

• JSON tools - Formatting, validation, schema checking, TypeScript type generation, and structured diffing. These exist because JSON is everywhere and most editors still handle edge cases poorly.
• JWT and encoding tools - Decoding and inspecting JWTs, Base64 encoding and decoding, and understanding what is actually in an authentication token without sending it to a third-party service.
• Security tools - CSP header analysis, cryptographic hash generation, secure paste (client-side encrypted, self-destructing snippets), and UUID generation for non-guessable identifiers.
• Network and IP tools - CIDR subnetting, IP format conversions (binary, hex, decimal, dotted notation), WHOIS lookups, and DNS resolution. Built for engineers doing network troubleshooting and infrastructure work.
• Developer utilities - Regex testing, YAML validation, diff checking, log exploration, timestamp conversion, word counting, and case conversion for the small tasks that keep interrupting larger ones.

Why it is built the way it is

The design choices on this site come from a single constraint: the tool should not be the security problem. When you are debugging a JWT that carries user claims, analyzing a CSP header for a production site, or generating a hash of something sensitive, the last thing you should have to worry about is whether the tool you are using is logging your input.

That constraint produces a few concrete decisions. Most tools run entirely in your browser - the formatting, the hashing, the decoding, the validation. They do not POST your input anywhere. The ones that do make network requests (WHOIS lookup, DNS resolution, IP geolocation) are explicit about it, because those lookups by definition require a server. No tool on this site collects or stores what you type into it.

The site is also intentionally fast. Pages are static HTML files served from Cloudflare's edge network. There is no server-side rendering, no client-side routing framework, and no build step that adds a JavaScript bundle between you and the tool. The goal is that you land on the page and the tool is ready.

Editorial independence and content policy

All tools, guides, and articles on this site are written and maintained independently. No vendor pays for placement, no product is promoted in exchange for compensation, and no sponsored content appears without a clear label. The Learn section contains educational guides written to explain concepts that the tools on this site actually deal with - not to rank for keywords or push a product.

When a guide recommends a specific algorithm, format, or approach, that recommendation is based on technical merit and the kind of real-world considerations that come up in production work. When something is debated or context-dependent (SHA-256 versus SHA-512, for example, or MD5 versus any modern alternative), the guide explains the tradeoffs rather than picking a winner for the sake of appearing authoritative.

Advertising is displayed on some pages to support hosting and ongoing development. Ads do not influence tool functionality or article content. Core features are not restricted or placed behind ad interactions.

Accuracy and corrections

The technical content on this site is reviewed against current standards and updated when those standards change. If you find an error - in a tool's output, in a guide's explanation, or in a code example - please use the contact page to report it. Corrections are prioritized and credited when the reporter requests acknowledgment.

Cryptographic recommendations are particularly time-sensitive. Algorithm guidance (hashing, encoding choices, JWT algorithm selection) is reviewed against current NIST guidance and active CVE disclosures. If something on this site contradicts current security best practice, that is a bug, not an opinion, and it gets fixed.

What this site is not

Online Dev Tools is not a SaaS product, a subscription service, or a marketplace. There is no premium tier, no API with a rate limit, and no feature that requires signing in. It is a focused collection of tools and educational content, maintained by one engineer, built for the kind of work that comes up repeatedly in development and infrastructure roles.

If you find a tool useful, the best way to support continued development is to share it with someone who would use it or to help fuel the infrastructure directly.

Contact and feedback

Tool requests, bug reports, and technical corrections are welcome via the contact page. Feature requests that fit the site's scope - fast, browser-first, privacy-respecting tools for developers - are taken seriously and often implemented. The site has grown primarily by addressing gaps that showed up in real workflows, and that process continues.