Are these data tools free?

Yes. No usage caps, no account, no premium tier locked behind a paywall.

Is my data sent to a server?

No. Every tool runs as JavaScript inside your browser tab. The JSON you paste, the CSV you convert, the string you hash, all of it stays on your machine.

Does input containing API keys or tokens stay in the browser?

The data tools run entirely in your browser and do not transmit input to a server. That said, treat credentials carefully regardless of which tool you use — a key visible on your screen is still a key visible on your screen. Rotate any credentials you no longer need.

How are the SHA hashes computed?

The hash generator uses the Web Crypto API, the same browser implementation used for TLS, WebAuthn, and Subresource Integrity. SHA-256 and SHA-512 are computed exactly as specified in FIPS 180-4 and produce byte-identical output to OpenSSL or any other compliant implementation.

Where do the UUIDs come from?

The UUID generator uses crypto.randomUUID, the browser's standardised UUID v4 generator. It draws on a cryptographically secure random source. Output is RFC 4122 compliant.

Will the CSV converter handle quoted fields and embedded commas?

Yes. The parser handles RFC 4180-style quoting: double-quoted fields, escaped quotes inside fields (a doubled quote character), and commas inside quoted fields. It also handles CRLF and LF line endings.

Why is Base64 longer than the original input?

By design. Base64 encodes every 3 bytes as 4 printable characters, so the output is always about 33 percent longer. The point isn't to compress, it's to make binary data safe to transmit through text-only channels like email or JSON.

Do these tools work offline?

After the first visit, yes. The site is statically exported and the JavaScript is small enough that the browser cache keeps everything working without a network.

Free data tools, online, all processing in your browser

A complete set of data processing tools that run entirely in your browser. Format and validate JSON, convert between CSV and JSON, encode or decode Base64, percent-encode URLs, generate cryptographic hashes, and create UUIDs. All processing runs locally.

Every tool uses standard browser APIs and runs in memory. Your data is processed locally and the result stays in your tab.

Read the complete data tools guide

JSON formatter

Pretty-print, minify, validate, and sort JSON keys. Instant output.

CSV ↔ JSON

Convert CSV to JSON and JSON back to CSV. Handles quoted fields and downloads.

Base64

Encode text or files to Base64, decode Base64, or convert images to data URIs.

URL encode / decode

Percent-encode and decode URLs, or parse query strings into key-value pairs.

Hash generator

Generate SHA-256, SHA-512, SHA-1, and MD5 hashes. Verify file checksums locally.

UUID generator

Generate random UUID v4 values in bulk. Uses the browser's crypto API.

Why data tools should not need a server

JSON payloads have a habit of carrying secrets. An API response includes a bearer token in an Authorization header. A CSV export includes customer email addresses. A Base64 string turns out to be a base64-encoded private key. The whole reason you opened a formatter was to read the contents, which means whatever is in there is content you don't want a third party to log.

Hosted JSON and CSV tools have to receive your data to format it. That data ends up in web server logs, in load balancer logs, sometimes in CDN caches, sometimes in error tracking services if the formatter throws. The site running the tool is one breach away from your data being public.

In-browser tools never receive the data because the browser is doing the work. The JSON you paste sits in a textarea on your screen, gets pretty-printed by JavaScript, and appears in another textarea. The bytes never crossed a network boundary.

How the data tools work

The JSON formatter uses the browser's built-in JSON.parseand JSON.stringify, the same parser that runs on every JavaScript engine. Base64 usesbtoa andatob, with a wrapper for handling Unicode correctly. URL encoding usesencodeURIComponent. CSV parsing is a hand-rolled state machine that follows RFC 4180.

Hashing and UUIDs are slightly different: they rely on the Web Crypto API, which is the standardised browser interface to cryptographic primitives. crypto.subtle.digestcomputes SHA-256, SHA-384, and SHA-512 using the browser's native implementation (often hardware-accelerated). crypto.randomUUIDgenerates RFC 4122 v4 UUIDs from a cryptographically secure random source.

In-browser data tools vs the alternatives

Approach	Processes locally	Setup	Best for
In-browser (this site)	Yes	None	Pasting real API responses, debugging tokens
Hosted online formatters	No	None	Sample data, public JSON
CLI tools (jq, openssl)	Yes	Install + learn syntax	Scripting, repeated transforms in CI

For a quick check during development (formatting a webhook payload, hashing a string, generating a few UUIDs for a database seed), in-browser is the fastest option. For anything you want to automate, the CLI tools are the right choice. Hosted formatters are convenient for sample data but should be avoided for anything sensitive.

When to use these tools

Inspecting an API response? Pretty-print and validate the JSON, then move structured rows between formats with the CSV and JSON converter.
Verifying file integrity after a download? Generate SHA-256 and MD5 checksums locally and compare them to the published value.
Embedding a small image inline or moving binary through a text-only channel? Use the Base64 encoder and decoder, and reach for the URL percent-encoder when adding query strings.
Seeding a database or building a fresh test fixture? Pull a batch of identifiers from the UUID v4 generator.

Frequently asked questions

Are these data tools free?: Yes. No usage caps, no account, no premium tier locked behind a paywall.
Is my data sent to a server?: No. Every tool runs as JavaScript inside your browser tab. The JSON you paste, the CSV you convert, the string you hash, all of it stays on your machine.
Does input containing API keys or tokens stay in the browser?: The data tools run entirely in your browser and do not transmit input to a server. That said, treat credentials carefully regardless of which tool you use — a key visible on your screen is still a key visible on your screen. Rotate any credentials you no longer need.
How are the SHA hashes computed?: The hash generator uses the Web Crypto API, the same browser implementation used for TLS, WebAuthn, and Subresource Integrity. SHA-256 and SHA-512 are computed exactly as specified in FIPS 180-4 and produce byte-identical output to OpenSSL or any other compliant implementation.
Where do the UUIDs come from?: The UUID generator uses crypto.randomUUID, the browser's standardised UUID v4 generator. It draws on a cryptographically secure random source. Output is RFC 4122 compliant.
Will the CSV converter handle quoted fields and embedded commas?: Yes. The parser handles RFC 4180-style quoting: double-quoted fields, escaped quotes inside fields (a doubled quote character), and commas inside quoted fields. It also handles CRLF and LF line endings.
Why is Base64 longer than the original input?: By design. Base64 encodes every 3 bytes as 4 printable characters, so the output is always about 33 percent longer. The point isn't to compress, it's to make binary data safe to transmit through text-only channels like email or JSON.
Do these tools work offline?: After the first visit, yes. The site is statically exported and the JavaScript is small enough that the browser cache keeps everything working without a network.