Tools

Encode and decode Base64, URL encoding, HTML entities, Hex, and Unicode escapes. Auto-detects encoded input. Secret detection built in. 100% client-side.

Build, decode, and test cron expressions visually. See next run times with timezone support. GitHub Actions mode included. 100% client-side.

Format, beautify, minify, and validate JSON with a collapsible tree view. Detects leaked API keys, tokens, and secrets. 100% client-side.

Visually build Content Security Policy headers with presets and recommendations, or validate existing CSPs with a security grade. 100% client-side.

Paste any text — code, logs, configs — to instantly detect leaked API keys, passwords, and tokens. 100% client-side.

Detect leaked API keys, weak passwords, and misconfigurations in your .env files. 100% client-side — your secrets never leave your browser.

Scan .env files from your terminal. Zero dependencies, CI-friendly exit codes.

npx halfday-env-scan .env

Add env scanning to your CI pipeline. Fails the build when secrets or misconfigurations are detected.

uses: halfday-dev/env-validator@main

Block commits with leaked secrets before they hit version control. Works with the pre-commit framework.

- repo: https://github.com/halfday-dev/env-validator
  hooks:
    - id: env-scan