DEV Community

Cover image for I Built 100+ Free Developer Tools That Run Entirely in Your Browser — Here's Why
Sai Bhargav
Sai Bhargav

Posted on • Originally published at devbench.co.in

I Built 100+ Free Developer Tools That Run Entirely in Your Browser — Here's Why

#webdev #javascript #opensource #devtools

I was debugging an authentication issue at 11pm when I caught myself pasting a production JWT token into a random online decoder.

The token contained user IDs, roles, and expiry claims. The site had no privacy policy. I had no idea where that token was going.

I closed the tab, fixed the bug using console.log, and spent the next few weeks building DevBench — a toolbox where nothing you paste ever leaves your browser.

What DevBench is

DevBench is a collection of 135 free developer utilities, all running client-side in the browser using JavaScript and the Web Crypto API. No account. No upload queue. No server receives your data.

Here's what's available today:

JSON tools (12)
Format, validate, minify, diff, tree view, JSON↔YAML, JSON↔CSV, JSON↔TypeScript, JSON Schema validation, AES-256-GCM encryption, NDJSON parser, and more.

Dev utilities (36)
JWT decoder + encoder (HS256/384/512 via Web Crypto), regex tester, SQL formatter, cURL-to-fetch converter, UUID/ULID/NanoID generator, hash generator (SHA-1/256/384/512), color converter, QR code generator, CSS box-shadow builder, Linux command reference, HTTP status codes reference, and more.

Encoding (13)
Base64 encode/decode, URL encode/decode, HTML entities, Hex, Binary, ROT13, Morse code — all client-side.

PDF tools (14)
Compress, merge, split, rotate, watermark, convert PDF to Word/Excel/images — processed locally using PDF.js and pdf-lib.

Text tools (18)
Diff checker, markdown preview, case converter, string inspector, Lorem ipsum generator, Unicode checker, word counter, and more.

Image tools (6)
Background remover (WASM ML model), resizer, compressor, format converter, EXIF viewer — no pixels leave your device.

Plus conversion tools, finance calculators, health calculators, math tools, and date/time utilities.

Why "runs in your browser" actually matters

Most of us paste sensitive data into online tools without thinking about it:

  • JWT tokens containing user roles and session claims
  • API responses with PII or internal service data
  • Hashed passwords (even hashes can be revealing)
  • Private SSH keys into format converters
  • Confidential PDFs into compression tools

Every tool that sends your data to a server is a potential data exposure. It doesn't require malice — even accidental logging, misconfigured S3 buckets, or a breach of the tool's database can expose data you thought was "just being formatted."

DevBench uses the Web Crypto API for all cryptographic operations (JWT verification, AES encryption, hashing) so the computation happens in your browser's secure context. For PDF processing, we use pdf-lib compiled to WebAssembly. For the AI background remover, the ML model runs via WASM entirely on your device.

The tradeoff is that we can't support files over ~50MB on some operations (browser memory limits), and very complex operations can be slower than server-side equivalents. For most developer use cases — debugging a JWT, formatting a JSON response, compressing a PDF — the browser is fast enough.

The tech stack

  • Framework: Next.js 16 (App Router) with Turbopack
  • UI: React 19, Tailwind CSS v4
  • Cryptography: Web Crypto API (native browser API, no third-party crypto library)
  • PDF processing: pdf-lib + PDF.js
  • AI background removal: WASM ML model (runs locally)
  • Hosting: Vercel
  • Repo: github.com/SaiBhargavRallapalli/all-in-one (MIT License)

The repo is fully open source with Playwright e2e tests, Vitest unit tests, GitHub Actions CI, and Lighthouse CI enforcing performance budgets.

What I learned building 135 tools in one codebase

Single tool registry was the right call. Every tool is defined in a central tools-registry.ts with metadata (name, slug, description, category, keywords). New tools are one registry entry + one component. The /tools/[slug] dynamic route handles metadata, schema markup, and layout automatically.

Client-side PDF is harder than it looks. The Web APIs are powerful but quirky. PDF rendering fidelity varies by browser. Font embedding is a consistent pain point. Plan for 2–3x more time than you'd expect on any PDF feature.

Topical authority matters more than I expected. Writing blog content around each tool category (not just building the tools) is what gets the pages indexed and ranked. Tools without supporting content are invisible to search engines.

Web Crypto API is genuinely excellent. The crypto.subtle API covers HMAC signing, AES-GCM encryption, RSA operations, and secure random generation natively in every modern browser. No crypto-js, no forge, no external dependencies. Smaller bundle, better security.

What's next

  • VS Code extension to open DevBench tools from the command palette
  • Pro tier (ad-free, file upload history, API access)
  • More language/framework-specific tools (TypeScript playground, SQL query builder, regex with named groups UI)

If you have a tool you reach for constantly that isn't here — open an issue. The contributing guide is at CONTRIBUTING.md and the first-contribution list has approachable tasks.

And if the privacy-first, client-side approach resonates with you — share it with your team. The JWT debugger specifically is worth bookmarking as an alternative to jwt.io for anything involving real tokens.

Try DevBench →

Top comments (0)