gotomars.app/tools is a collection of handy online utilities for developers and IT professionals. Convert, encode, format, generate — all in one place, all for free.
No registration · No installation · Works in any browser
Organized by category. Every tool runs entirely in your browser — nothing is sent to a server.
JSON ↔ YAML, Date format converter, Color format converter (HEX/RGB/HSL), Number base converter, and more.
Base64 encode/decode, URL encode/decode, HTML entities, JWT decoder, Unicode converter, and Morse code.
MD5, SHA-1, SHA-256, SHA-512 hash generators. Bcrypt hasher. HMAC generator. Random password generator.
JSON formatter & validator, XML formatter, SQL formatter, Markdown preview, HTML minifier/beautifier.
UUID / ULID generator, Lorem ipsum text, Random data generator, QR code generator, Cron expression helper.
IPv4/IPv6 subnet calculator, URL parser, HTTP status code reference, MIME type lookup, User-agent parser.
No setup, no account. Just open and use.
Open the tools site in any modern browser. No installation, no sign-up, no extensions needed. The entire application runs client-side — your data never leaves your machine.
Use the search bar at the top to find tools instantly by name or keyword (e.g. "base64", "hash", "uuid"). Or browse through the organized categories in the sidebar. New tools are added regularly.
Every tool has a simple input/output interface. Paste your data, and the result appears immediately — most tools update in real time as you type. No "Submit" buttons to click.
Example: Paste a JWT token into the JWT Decoder and see the header, payload, and expiry time broken down instantly.
Every tool has a one-click Copy button. Results are formatted cleanly for immediate use in your code, terminal, or documents.
Each tool has a unique URL. Bookmark the tools you use most often for instant access. You can also mark tools as favorites within the app.
Built for developers, used by everyone who works with data.
Decode JWTs during API debugging, format JSON API responses, generate UUIDs for database records, and verify hash values — all without leaving the browser.
Convert HEX colors to RGB/HSL, encode SVGs for CSS, minify HTML, parse URL parameters, and generate Lorem Ipsum filler content for mockups.
Generate bcrypt hashes for password testing, compute SHA-256 checksums for file integrity, decode Base64-encoded credentials, and analyze JWT claims.
Calculate subnets and CIDR ranges, parse cron expressions, look up HTTP status codes, convert between YAML and JSON configs, and generate random secrets.
gotomars.app is a productivity platform built for developers who are tired of Googling the same utility websites over and over. We believe the best tools are fast, focused, and free — with no account walls or paywalls in the way.
Our tools site is powered by it-tools, an open-source project by the community. We host a curated, always-updated instance at tools.gotomars.app so you always have a reliable, fast mirror available.
Every tool runs 100% in your browser. We never see your input data — it never touches our servers. This is a core design principle we will never compromise on.
Built and maintained by an indie developer who got tired of juggling 10 different utility tabs. ❤️
View Source on GitHubClient-side tools mean zero server round-trips. Results are instant, even on slow connections.
Your input data is processed in your browser only. We have no logs of what you paste into any tool.
Built on open-source foundations under the GPLv3 license. Transparent, auditable, and community-driven.
Last updated: March 27, 2026
By accessing or using gotomars.app ("the Service"), you agree to be bound by these Terms of Service. If you do not agree, please do not use the Service.
gotomars.app provides a collection of free online utilities for developers and IT professionals. All tools run client-side in your browser. We do not store, process, or transmit your input data on our servers.
You are solely responsible for:
You may not use the Service for any unlawful purpose or in any way that could damage, disable, or impair the Service. Automated scraping or bulk use that degrades performance for other users is prohibited.
The Service is provided "as is" without warranties of any kind. Tool outputs are provided for convenience and should be verified before use in production systems. We are not liable for errors in tool results.
To the fullest extent permitted by law, gotomars.app shall not be liable for any indirect, incidental, or consequential damages arising from your use of the Service.
We may update these terms at any time. Continued use of the Service constitutes acceptance of the revised terms.
Last Updated: March 27, 2026
At gotomars.app, accessible from https://gotomars.app, one of our main priorities is the privacy of our visitors. This Privacy Policy document contains types of information that is collected and recorded by gotomars.app and how we use it.
gotomars.app follows a standard procedure of using log files. These files log visitors when they visit websites. The information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable.
Like any other website, gotomars.app uses "cookies". These cookies are used to store information including visitors' preferences, and the pages on the website that the visitor accessed or visited. The information is used to optimize the users' experience by customizing our web page content based on visitors' browser type and/or other information.
Google is one of a third-party vendor on our site. It also uses cookies, known as DART cookies, to serve ads to our site visitors based upon their visit to gotomars.app and other sites on the internet. However, visitors may choose to decline the use of DART cookies by visiting the Google ad and content network Privacy Policy at the following URL — https://policies.google.com/technologies/ads
Some of the advertisers on our site may use cookies and web beacons. Our advertising partners include:
Each of our advertising partners has their own Privacy Policy for their policies on user data. You can opt out of personalized advertising at Google Ad Settings or through the NAI opt-out tool.
gotomars.app's Privacy Policy does not apply to other advertisers or websites. Thus, we are advising you to consult the respective Privacy Policies of these third-party ad servers for more detailed information. It may include their practices and instructions about how to opt-out of certain options.
Note: All data you input into our tools is processed locally in your browser — it is never sent to our servers or any third party.
We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
If you make a request, we have one month to respond to you.
Under the CCPA, among other rights, California consumers have the right to: request that a business that collects a consumer's personal data disclose the categories and specific pieces of personal data collected; request that a business delete any personal data about the consumer; and request that a business that sells a consumer's personal data not sell the consumer's personal data.
If you make a request, we have one month to respond to you.
This Service is not directed to children under 13 (or 16 in the EU). We do not knowingly collect personal information from minors. If you believe a child has provided personal information, please contact us and we will take steps to remove it promptly.
If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us at support@gotomars.app.
We're a small team and we read every message. Typical response within 1–2 business days.
GDPR, CCPA, or other legal inquiries regarding data and privacy.
support@gotomars.appA closer look at the tools developers reach for every day.
JSON Web Tokens (JWTs) are widely used for authentication in modern web APIs. When debugging an API or investigating a login issue, developers often need to quickly inspect the contents of a JWT — its header algorithm, payload claims, expiry time, and issued-at date — without writing any code. The JWT Decoder on gotomars.app lets you paste any JWT string and instantly see all three sections (header, payload, signature) decoded and formatted. It highlights the expiry (exp) and issued-at (iat) timestamps in human-readable form, making it easy to spot expired tokens at a glance. All decoding happens in your browser — the token is never sent to any server, which is critical when working with tokens that contain sensitive user claims.
JSON is the universal data format for APIs, configuration files, and databases — but raw JSON from an API response or log file is often a single minified line that's nearly impossible to read. The JSON Formatter takes any valid (or broken) JSON string and instantly formats it with proper indentation, color-coded keys and values, and collapsible nodes for large objects. It also validates the JSON and highlights exactly where syntax errors occur, which is invaluable when debugging API payloads. You can choose between 2-space, 4-space, or tab indentation, and minify JSON back to a single line for embedding in code. The tool processes everything locally with no data leaving your browser, making it safe to use even with production data containing PII.
Base64 encoding is used everywhere in software development — embedding images in CSS, encoding binary data in JSON, passing credentials in HTTP Basic Auth headers, and storing binary blobs in databases. The Base64 tool on gotomars.app supports both standard Base64 and URL-safe Base64 (which replaces + and / with - and _), making it suitable for encoding JWT signatures, OAuth tokens, and URL parameters. You can encode plain text strings or decode Base64 back to the original string instantly. The tool handles Unicode characters correctly, which is often a pain point with manual Base64 implementations. Results update in real time as you type, with a one-click copy button for the output.
Cryptographic hash functions are fundamental to security — verifying file integrity, storing passwords, signing API requests, and generating checksums. gotomars.app provides hash generators for MD5, SHA-1, SHA-256, SHA-512, and bcrypt in a single unified interface. MD5 and SHA hashes are computed instantly as you type, useful for verifying that a downloaded file matches its published checksum. The bcrypt hasher lets you set the work factor (cost), which controls how computationally expensive the hash is — higher values provide better security against brute-force attacks. Unlike online hash tools that send your input to a server-side API, all hashing on gotomars.app runs via the Web Crypto API directly in your browser, so sensitive data like passwords or API secrets never leaves your machine.
Universally Unique Identifiers (UUIDs) are the standard way to generate unique primary keys for database records, correlation IDs for distributed tracing, and idempotency keys for API requests. gotomars.app supports UUID v1 (time-based), v4 (random), and v5 (namespace-based), as well as the newer ULID format which is sortable by creation time — a major advantage for database indexing. You can generate a single UUID or bulk-generate up to 100 at once, which is useful for seeding test databases or generating fixture data. The tool also lets you toggle between uppercase and lowercase output and choose different separator formats (standard hyphenated, compact, or URN). All IDs are generated using the cryptographically secure crypto.randomUUID() browser API.
URL encoding (percent-encoding) is required whenever special characters — spaces, ampersands, equal signs, non-ASCII characters — need to be included in a URL query string or path segment. Incorrectly encoded URLs are a common source of bugs in web applications, especially when dealing with internationalized content or user-generated input. The URL Encoder/Decoder tool supports both encodeURIComponent (for individual query parameter values) and encodeURI (for full URLs), which behave differently and are often confused. It also handles decoding, turning percent-encoded strings back into readable text. This is especially useful when inspecting redirect chains, debugging OAuth callback URLs, or analyzing web server access logs that contain encoded characters.
Everything you need to know about gotomars.app and its tools.
Yes, all tools on gotomars.app are completely free with no hidden costs, no subscription tiers, and no feature paywalls. You do not need to create an account or provide any payment information. The site is supported by non-intrusive advertising through Google AdSense, which allows us to keep all tools free for everyone.
No account is required. Every tool is accessible immediately without registration, email verification, or login. Simply visit tools.gotomars.app and start using any tool right away. We believe that utility tools should have zero friction — you should be able to open a tool and get your result within seconds.
Your data is completely safe. Every tool on gotomars.app runs entirely in your browser using client-side JavaScript — nothing you type or paste is ever sent to our servers. We have no backend that receives tool input, no database storing your data, and no logs of what you process. This is a core architectural decision, not just a policy promise. You can safely use the tools with sensitive data such as JWT tokens, API keys, passwords, or confidential JSON payloads.
gotomars.app currently offers over 50 developer utilities organized into categories including converters, encoders/decoders, hash & crypto tools, formatters, generators, and network tools. New tools are added regularly based on user feedback. If there is a tool you need that is not currently available, you can request it by opening an issue on our GitHub feedback page.
Once the page has loaded in your browser, most tools will continue to work even if you lose your internet connection, because all processing is done locally in JavaScript. However, the initial page load requires an internet connection. For regular offline use, you can bookmark specific tool pages and they will load from your browser cache. The site does not currently offer a downloadable desktop application, but this is on our roadmap.
Base64 encoding converts binary data into a text representation using 64 printable ASCII characters (A–Z, a–z, 0–9, +, /). It is used to embed binary data (like images or files) in text formats like JSON or email. URL encoding (percent-encoding) converts characters that are not allowed in URLs — such as spaces, &, =, and non-ASCII characters — into a %XX hexadecimal format. They serve different purposes: use Base64 when embedding binary in text, and use URL encoding when including special characters in a URL query string or path.
MD5 was once widely used but is now considered cryptographically broken — it is vulnerable to collision attacks, meaning two different inputs can produce the same hash. For security-sensitive purposes like verifying file integrity or signing data, SHA-256 is the recommended minimum standard. SHA-256 produces a 256-bit hash that is computationally infeasible to reverse or collide with current technology. For password storage specifically, neither MD5 nor SHA-256 should be used directly — use bcrypt, Argon2, or scrypt instead, as these are intentionally slow and resistant to GPU-based brute-force attacks.
A UUID (Universally Unique Identifier) is a 128-bit identifier standardized by RFC 4122. UUID v4 is randomly generated and is the most commonly used version — it has an extremely low probability of collision and does not reveal any information about the generating system or time of creation, making it suitable for most use cases including database primary keys and session tokens. UUID v1 is based on the current timestamp and the machine's MAC address, which makes it sortable by time but also leaks information about when and where it was generated. For most modern applications, v4 is preferred. If sortability matters (for indexed database columns), consider using ULID instead, which is also available on gotomars.app.
JSON and YAML are both data serialization formats used heavily in configuration files (Kubernetes, Docker Compose, GitHub Actions, etc.) and APIs. YAML is more human-readable but less strict about syntax; JSON is more verbose but unambiguous and universally supported. gotomars.app provides a bidirectional JSON ↔ YAML converter that handles nested objects, arrays, and special data types correctly. Simply paste your JSON or YAML, click the conversion direction, and copy the result. The tool also validates syntax and reports errors with line numbers, which is helpful for debugging malformed YAML files where indentation errors are common.
The tools on gotomars.app are powered by it-tools, an open-source project licensed under the GPLv3. This means the source code is publicly auditable — you can verify exactly what the tools do and confirm that no data is collected. gotomars.app hosts a maintained, always-updated mirror of it-tools with additional improvements and reliability enhancements. The GPLv3 license requires that derivative works also be open source, which ensures the project remains transparent and community-driven.
Hosting, domain registration, and ongoing maintenance have real costs. Rather than charging users a subscription fee or selling their data, we use Google AdSense to display non-intrusive advertisements. This allows us to keep every tool completely free for all users. Google AdSense may use cookies to show personalized ads based on your browsing history; you can opt out of personalized ads at any time via Google Ad Settings. We never sell or share your personal data with any third party beyond what is described in our Privacy Policy.
Please open an issue on our GitHub feedback repository. When reporting a bug, please include the name of the tool, the input you provided, the output you received, and the output you expected. Screenshots are also helpful. We typically respond within 1–2 business days and aim to fix confirmed bugs quickly. Feature requests for new tools are also welcome through the same channel.