About Toolsy

Toolsy is a curated collection of online tools for developers, designers, writers, students, and everyday internet users. The mission is simple: take the kinds of small, repetitive jobs people do dozens of times a week — format a JSON blob, decode a URL, generate a hash, convert hex to RGB — and make them fast, accurate, and frictionless.

Every tool on Toolsy follows the same three rules: it runs without a signup, it works on a phone as well as a laptop, and it does one thing well. No multi-step flows, no upsells, no half-functional free tier hiding the real version behind a paywall.

What you'll find here

Toolsy is organized into six categories that cover the most common ad-hoc tasks of technical and semi-technical work:

• Developer tools — JSON formatter and validator, SQL formatter for six dialects, YAML and XML formatters, regex tester with explanation, cron expression builder with preview, JWT decoder, IP CIDR calculator, timestamp converter, HTTP headers inspector.
• Cryptography — hash generator (MD5, SHA-1, SHA-256, SHA-512), HMAC generator, AES encryption and decryption, RSA key generation and encryption, bcrypt hashing, password generator, TOTP generator compatible with Google Authenticator.
• Encoding and conversion — Base64 (encoder, decoder, URL-safe, image-to-data-URI), Base32, URL encoding, Unicode / UTF-8 inspector, and dedicated converter pages for JSON ↔ YAML, JSON ↔ CSV, hex ↔ decimal, hex ↔ binary, hex ↔ RGB, decimal ↔ octal, Markdown ↔ HTML, and more.
• Text tools — character and word counter, case converter, text diff, slug generator, word frequency analyzer, Lorem Ipsum generator.
• HTML and CSS — live HTML editor with preview, HTML minifier, CSS minifier and beautifier, Markdown live preview.
• Generators — QR code, UUID, color picker, fake data (names, emails, addresses, full datasets exportable as JSON / CSV / SQL), .gitignore from 22 templates.

How Toolsy is built

Toolsy is deliberately old-school for a 2026 web app. Pages are server-rendered HTML; the browser receives finished markup, not a JavaScript shell that has to download, parse, and execute a megabyte of code before showing anything. JavaScript is added only where it earns its place — handling input changes inside a tool, calling the API, formatting results. The CSS lives in one stylesheet, themed with custom properties so light, dark, and "follow the system" modes all share the same code.

Cryptographic operations run on the server using vetted libraries — Node's built-in crypto module for hashes, HMACs, and TOTP, node-forge for RSA, bcryptjs for password hashing. We rely on these libraries rather than reimplementing primitives, because rolling your own crypto is the textbook way to write subtle, dangerous bugs. Sensitive inputs are processed in memory and discarded as soon as the response is sent; nothing is logged or persisted.

For larger jobs (formatting a 500KB JSON file, parsing a long CSV), Toolsy keeps the work in the browser whenever possible so your data never leaves your device. Everything else is over HTTPS to a small Node.js app running on serverless infrastructure.

Privacy

Toolsy doesn't ask for an account, an email, or any other personal information. There's no user profile, no saved history that lives on a server, no "your data" page — because there is no "your data" on our end. The only thing stored client-side is your theme preference (light, dark, or system), saved as a single value in localStorage. You can clear it any time and Toolsy keeps working exactly the same way.

Server-side, we log aggregate usage information — which pages were visited, how long the request took, the browser family and country (when our hosting provider exposes it) — so we can spot bugs, see which tools people actually use, and plan what to build next. IP addresses are hashed with a daily-rotating salt before being written to disk, so two requests from the same user on different days are not linkable.

The full data-handling policy is on the privacy page. The short version: we don't sell anything, we don't share data with third parties beyond what's strictly required by Google AdSense (described below), and we don't track you across other sites.

How Toolsy stays free

Running a tools site costs real money — a domain, hosting, occasional paid services for analytics or error tracking. To cover those costs and keep every tool free without locking anything behind a "Pro" plan, Toolsy shows a small number of unobtrusive ads served through Google AdSense.

The placements are deliberately conservative: at most one ad above the main tool, one between content sections, and one anchored to the bottom of the screen on mobile. There are no auto-playing video ads, no pop-overs that block what you're trying to do, no full-screen takeovers between page loads. We follow the Better Ads Standards and audit placements ourselves.

If you'd rather support Toolsy directly, the support page has a Buy Me a Coffee link. One-time tips are very welcome and meaningfully help — a single contribution roughly covers a month of hosting.

Roadmap

New tools ship roughly every week. The current backlog is biased toward developer infrastructure — SSH key generator, PGP key generator, GraphQL schema linter, SSL certificate inspector — and toward broader format coverage in the converter section. If you regularly find yourself opening another tab to do something Toolsy could handle, that's exactly the kind of feedback that shapes the roadmap.

Have a suggestion, found a bug, or want to report a tool that's giving wrong output? Email hello@toolsy.website. Real humans read everything; you'll get a real reply.

Toolsy is an independent project, not affiliated with any of the companies whose formats or protocols it supports. Trademarks, where mentioned, belong to their respective owners.