ZipToolView zip files online — 100% private

How to view the contents of a zip without extracting it

You can view the contents of a zip without extracting it in two broad ways: open the archive in an in-browser viewer that renders the file tree and previews individual files, or list the entries from your OS or the command line without ever writing them to disk. The point of both is to inspect before you commit to an extraction, so nothing lands in your filesystem until you decide it should.

Most people reach for this when they don't yet trust the source: an email attachment from an unknown sender, a customer-supplied archive under an NDA, a third-party library bundle, or a large release archive where you only need one file. Listing first means you avoid writing unknown files to disk, skip the disk-space cost of a full extract, and can find the single entry you actually care about without unpacking everything else.

Why view before extracting

Extracting blindly has three costs. The first is opsec hygiene: an untrusted archive can contain executables, scripts, or Office macros that only become live once they hit your disk and get opened. Listing first lets you see what is there before any file is written. The second is disk space: a 4 GB release archive that you only need one 200 KB config file from is wasteful to fully unpack. The third is navigation — a 50,000-entry archive is far easier to search in a tree view than to scatter across a folder.

The honest caveat: not extracting to disk reduces risk, it does not eliminate it. Previewing a file's contents is safer than blindly extracting it, but the contents themselves can still be malicious if you later act on them (open an extracted executable, run an extracted script, enable macros in an extracted document). Parsing the archive also still runs code — JavaScript in a browser tab, or a native parser on the command line — so a deliberately malformed archive could still try to exploit a parser bug. See security and privacy for the full picture.

  • Avoid writing unknown or untrusted files to disk before you have inspected them
  • Save disk space when you only need one file from a large archive
  • Quickly locate a single entry inside an archive with thousands of files
  • Inspect a customer- or vendor-supplied archive before committing to an extraction

Method 1: an in-browser viewer (ZipTool)

ZipTool is a 100% client-side zip viewer. The archive is parsed entirely in your browser by zip.js and is never uploaded to any server — there is no upload step, no backend, no storage. Once the page has loaded it keeps working with the network off. It handles .zip and ZIP-based containers like .apk, .epub, .jar, .whl, .xpi, .war, Office OOXML (.docx, .xlsx), and .kmz.

The advantage over a terminal listing is that you do not just see filenames — you can preview the contents of most files inline: source code with syntax highlighting, plain text, images, audio, video, and PDFs, plus nested zips (a zip inside a zip). The trade-off is that it is read-only and ZIP-only (no .rar, .7z, or .tar.gz).

  • Open ziptool.app — nothing to install, runs in any modern browser
  • Drag-and-drop the archive onto the page, use the file picker, or paste a URL (you can also deep-link with ?zip=<url>&file=<path> to load a remote archive and jump straight to a file)
  • The full file tree appears instantly in the sidebar. Use the search box to filter entries by name across the whole archive
  • Click any file to preview it inline — text and code render in a Monaco editor with syntax highlighting; images, audio, video, and PDFs render directly; nested .zip entries get an 'Add to zip list' button so you can browse them too
  • Nothing is written to your disk. Close the tab and the archive is gone. To actually save a file you would extract it separately by other means

Method 2: list and preview from the OS or command line

Your OS and the unzip tool can both list and peek without extracting. These are fast, scriptable, and work offline, but the preview is effectively text-only — there is no image or PDF rendering from the terminal.

On Windows, File Explorer treats a .zip like a folder. Double-click the archive and the entries appear as if browsed; you can select individual files and preview them in the preview pane without copying them out. On macOS, selecting a .zip in Finder and pressing Space opens Quick Look, but it shows the archive's own icon, not the contents — to browse inside you still need to mount or open it, which is where an in-browser viewer or the command line is more useful.

  • unzip -l file.zip — lists every entry with its size, date, and path. The -l means list; nothing is extracted. This is the fastest way to see the whole file tree from the terminal.
  • unzip -p file.zip path/to/file.txt — prints the contents of a single entry to stdout without extracting. Useful for reading one file (a README, a config, a source file) without unpacking the archive. Pipe it to a pager (unzip -p file.zip path/to/README.md | less) or redirect it where you want.
  • unzip -l file.zip | grep keyword — combine with grep to find one entry by name across a large archive.
  • tar -tf file.tar.gz and tar -xf file.tar.gz -O path/to/file — the equivalents for tarballs, if you also deal with .tar.gz; -t lists, and the capital -O writes a single entry to stdout instead of to disk.

Trade-offs at a glance

Pick the method that matches what you are trying to do. An in-browser viewer wins on privacy (no upload), zero install, and the ability to actually render files. The command line wins on speed, scriptability, and offline use — and it handles formats a browser viewer will not. OS built-ins sit in between and vary by platform.

  • In-browser viewer: no install, nothing uploaded, renders text, code, images, PDFs, and nested zips. Read-only, ZIP-based formats only, needs a browser.
  • Command line (unzip -l / -p): instant, scriptable, works offline, and handles remote boxes and SSH sessions. Preview is text-only; no image or PDF rendering.
  • Windows Explorer: browses a zip like a folder, select entries to preview. Windows-only.
  • macOS: Quick Look on a .zip shows the archive icon, not its contents — use a viewer or unzip -l instead.

A note on 'safer'

Listing and previewing without extracting is genuinely safer than blindly unpacking: you never give untrusted files a path onto your disk, so an executable or macro that lives inside the archive cannot be run unless you explicitly extract and open it. That is a real reduction in attack surface and it is worth doing as a habit for anything from an untrusted source.

But it is not a guarantee. If you read a file's contents and then act on them — copy a script out and run it, paste a config somewhere it gets executed, extract a document and open it with macros enabled — the contents can still be malicious. And parsing the archive itself still runs code (browser JavaScript, or a native parser), so a deliberately malformed archive could in theory exploit a parser bug. Preview first; treat the contents with the same caution you would treat any file from that source.

Frequently asked questions

How can I see what's inside a zip without extracting?

Two easy ways. Fastest from the terminal is unzip -l file.zip, which lists every entry with size, date, and path and writes nothing to disk. If you want to actually preview files (text, code, images, PDFs) rather than just see names, open the archive in an in-browser viewer like ZipTool: drag-and-drop the file (or paste a URL) and the full tree appears, with inline previews, and nothing is uploaded or written to disk. On Windows you can also double-click the .zip in Explorer to browse it like a folder.

How do I list zip contents in the terminal?

Run unzip -l file.zip. The -l flag means list — it prints the entry names, sizes, dates, and paths and extracts nothing. To read one file's contents without unpacking, use unzip -p file.zip path/to/file, which prints that entry to stdout (pipe to less or grep it). For tarballs, the equivalents are tar -tf file.tar.gz to list and tar -xf file.tar.gz -O path/to/file to print one entry to stdout.

Can I preview files inside a zip?

Yes, but it depends on the file type and the tool. An in-browser viewer like ZipTool renders text and source code with syntax highlighting, plus images, audio, video, PDFs, and nested zips — all without extracting. From the command line, unzip -p file.zip path/to/file prints a single entry to stdout, which works well for text and code but not for binary formats like images or PDFs. Windows Explorer lets you select entries inside a zip and preview them in the preview pane.

Is it safer to preview than to extract?

Previewing instead of extracting is safer in a specific sense: it avoids writing untrusted files to disk, so an executable or macro inside the archive never gets a path it can be run from. That is a real reduction in risk and a good habit for archives from untrusted sources. It is not a guarantee that nothing bad can happen — the file's contents can still be malicious if you later extract and act on them, and parsing the archive itself still runs code that could in theory have bugs. Preview first, then treat the contents with the same caution as any file from that source.