ZPST Features

Everything you need to share code and text — fast, private, and secure.

Create Free Account Try as Guest

Available to Everyone

No account needed.

  • Syntax highlighting — 37 languages including PHP, Python, JavaScript, SQL, Bash, Go, Rust, TypeScript, and more
  • Custom expiry — 5 minutes, 1 hour, 6 hours, 1 day, 30 days, or never
  • Password protection — lock any paste; bcrypt-hashed server-side
  • Burn after read — paste self-destructs after the first view, including any attached image
  • Visibility controls — Public, Unlisted, or Private
  • Image attachments — attach a photo or screenshot alongside your paste; stored on S3
  • Raw text view — every paste has a /raw/ URL returning plain text/plain for scripts and pipelines
  • Fork pastes — copy any public or unlisted paste as your own starting point
  • QR code — generate and download a QR code for any paste directly in the browser
  • Load files — upload any text or code file into the editor; language detected from extension
  • 15 syntax themes — 12 dark, 3 light, with live hover preview; saved to your session
  • Dark and light mode — toggleable UI theme saved to localStorage
  • Comments — leave feedback or questions on public pastes

Security & Privacy

Built with privacy in mind from the start.

  • Encrypted at rest — all paste content stored with AES-256-GCM encryption; a raw database dump reveals nothing without the key
  • HTTPS only — all traffic served over TLS; passwords and content never transmitted in plain text
  • Bcrypt passwords — account and paste passwords are hashed with bcrypt; never stored in plain text

Tor Hidden Service

ZPST is available as a .onion address via Tor Browser.

  • Full feature parity — the onion service runs the same codebase as the clearnet site
  • Account required — guest pasting is disabled on the onion address to prevent abuse; registration is free
  • Unlisted by default — pastes created over Tor are unlisted; public pastes are not permitted
  • End-to-end privacy — traffic never leaves the Tor network before reaching the server, combined with AES-256-GCM at rest

Registered Users

Free account — takes seconds.

  • Paste dashboard — browse, search, filter, and manage all your pastes in one place
  • Edit pastes — update content, title, language, visibility, or password at any time
  • Edit history — up to 25 snapshots saved per paste automatically on every edit
  • Split diff view — side-by-side or unified diff between any historical version and the current state; additions in green, deletions in red
  • Pin pastes — pin important pastes to the top of your dashboard
  • Folders — organise pastes into folders for easier management
  • Private pastes — visible only to you when logged in; inaccessible to anyone else even with the link
  • API key — generate and manage a personal API key from settings
  • GDPR data export — download a full JSON export of all your pastes and account data at any time
  • Account deletion — permanently delete your account and all associated data; immediate and irreversible

API & Clients

Integrate ZPST into your workflow.

  • JSON API — 13 actions covering create, get, update, delete, list, fork, history, and more; see the API docs
  • Image upload via API — attach images to pastes using multipart form data
  • Cursor pagination — stable keyset-based pagination on the list endpoint
  • Rate limit headers — every API response includes X-RateLimit-* headers
  • CLI clientzpst, a Bash script for creating and retrieving pastes from your terminal; install instructions
  • Firefox extension — create pastes from selected text, page source, page URL, or typed content; view your paste list; available on Firefox Add-ons
  • Android app — full-featured native app built with Jetpack Compose; supports all paste features including images, burn after read, edit history, and forking; available on Google Play
  • Source tracking — pastes record their origin (web, API, extension, Android, Tor) for visibility in your dashboard and admin panel