Generate time-based one-time passwords from a TOTP secret key. Enter your base32 secret, choose a period and digit length, and get the current and next codes with a live countdown timer. Useful for testing and debugging 2FA integrations.

Generate Zod validation schema code from a JSON sample object. Infers z.string(), z.number(), z.boolean(), z.array(), z.object(), and z.null() types automatically. Handles nested objects, arrays of objects with optional field detection, and outputs copy-ready TypeScript with import and z.infer type alias.

Scan pasted text, code, or config files for accidentally exposed API keys, tokens, passwords, and private keys. Detects 50+ secret types across AWS, GitHub, Stripe, OpenAI, and more — all client-side, nothing leaves your browser.

Calculate the information-theoretic bit entropy of any password or API key. Detects character set pools automatically, shows the total number of possible combinations, and estimates crack time across five attack scenarios from rate-limited web logins to GPU cracking clusters.

Check TLS protocol version compatibility and cipher suite strength ratings against current best practices. Supports IANA and OpenSSL cipher names — rates each suite as Strong, Weak, or Deprecated and explains why.

Build Content Security Policy headers interactively. Toggle directives like script-src, style-src, and img-src, select allowed source tokens, and add custom origins. Instantly outputs your CSP as an HTTP header, meta tag, Nginx directive, or Apache header.

Calculate screen width and height from diagonal size and aspect ratio. Convert between inches and centimeters for displays, TVs, and monitors with instant dimension calculations.

Hash API keys using SHA-256, SHA-512, or PBKDF2 before storing them in your database. Generates a Node.js verification snippet and shows the recommended storage format — all 100% client-side using the Web Crypto API.

Create custom QR codes for URLs, text, and contact info

Generate TypeScript interfaces from JSON objects instantly. Infers types for strings, numbers, booleans, arrays, and nested objects. Detects optional fields from array element merging, handles null values, and outputs clean, ready-to-use interface definitions.

Generate Zod validation schema code from a JSON sample object. Infers z.string(), z.number(), z.boolean(), z.array(), z.object(), and z.null() types automatically. Handles nested objects, arrays of objects with optional field detection, and outputs copy-ready TypeScript with import and z.infer type alias.

Escape and unescape special characters in JSON string values. Handles double quotes, backslashes, newlines, tabs, carriage returns, and Unicode \u sequences. Real-time bidirectional conversion with a built-in escape sequence reference.

Format Kotlin code instantly in your browser. Fix indentation, enforce opening-brace-on-same-line style, and add trailing commas to function parameters and class bodies — no server required.

Convert Apache Parquet files to CSV format instantly in your browser. No uploads, no server — all processing is 100% client-side.

Calculate safe polling intervals, per-client request capacity, burst headroom, and throttle risk from any API rate limit. Enter your rate limit, time window, and number of concurrent clients to instantly see the minimum delay between requests, per-client allocation, burst capacity, and a color-coded throttle risk assessment. Supports Stripe, GitHub, X (formerly Twitter), OpenAI, Twilio, and any custom rate limit. Free and runs entirely in your browser.

Convert YAML to TOON (Token Oriented Object Notation) and reduce LLM token usage. Free, instant, browser-based.