Built for developers,
by developers
DevOpsArsenal is a collection of 50 free tools that run entirely in your browser. No data is ever sent to a server. No signup, no tracking, no nonsense โ just tools that work.
Our Principles
Privacy First
Every tool runs 100% in your browser. Your JWT tokens, passwords, API keys and config files never leave your device. No analytics beyond basic page views. No fingerprinting.
Instant & Fast
No frameworks, no build step, no loading spinners. Average page size is 20KB of HTML โ pages load in under 200ms on any connection. Works offline once cached.
One Job, Done Well
Each tool does one thing and does it properly. No feature bloat, no upsells. You paste input, you get output. Copy and move on with your day.
No Lock-In
Every tool is a single HTML file. Right-click โ Save As โ use it forever, on any machine, behind any firewall, on an airplane. No internet required (except DNS and IP lookup).
Accessible
Semantic HTML5, ARIA labels, keyboard navigation, high-contrast Charming Seaside colour scheme. Responsive design tested on devices from 380px to 4K.
Transparent
View the source of any tool โ it's all there in readable JavaScript. No obfuscated code, no hidden network calls. We use the browser's native Web Crypto API for all cryptographic operations.
Technology Stack
DevOpsArsenal is deliberately simple. No React, no Node.js, no build pipeline. Just the web platform as it was designed to be used.
Tool Categories
Security (9)
JWT, Base64, Hashing, HMAC, Passwords, SSL, SSH Keys, Log Masking
Networking (5)
CIDR, DNS, IP Lookup, HTTP Reference, Port Reference
Cloud & DevOps (10)
K8s, Docker, Nginx, Git, Terraform, .env, Cron, Cloud Cost/Latency
SRE (4)
SLA Calculator, Incident Matrix, Rate Limits, Latency Percentiles
Data Formats (7)
YAML/JSON/TOML, Diff, JSONPath, cURL, SQL, CSV, JSON Formatter
Utilities (15)
Regex, UUID, Timestamps, Text Case, Markdown, Colors, AI Prompts and more
Frequently Asked Questions
Project Timeline
How We Build and Test Each Tool
Every tool starts from a real problem someone hit at work โ a JWT that needed decoding mid-incident, a CIDR range that needed splitting before a VPC peering request, a cron expression nobody on the team could parse at 2am. We build the tool against actual edge cases: malformed JWTs missing a segment, IPv6 CIDR blocks, cron strings with step values and ranges combined. Each tool is tested by hand against known-good and known-bad inputs before it ships, and the editorial content on each page is written by checking the underlying spec or RFC, not paraphrased from other sites.
Because nothing here touches a server, there's no database to migrate and no API to version โ a tool that worked in 2025 keeps working exactly the same way today. The tradeoff is that anything requiring live external data (DNS resolution, IP geolocation, current cloud list prices) depends on the accuracy of the public API or dataset it queries, which we note explicitly on those specific tool pages.