Security
Secrets Leak Scanner
Paste code, config files, or log output to scan for exposed credentials. The scanner detects AWS keys, GitHub tokens, Stripe keys, JWT tokens, and more. Nothing is transmitted β the scan runs entirely in your browser.
No data is transmitted β everything runs locallyTool
About this tool
Secrets Leak Scanner
The Secrets Leak Scanner detects exposed AWS keys, GitHub tokens, Stripe keys, JWT tokens, and other credentials in code and config files, running entirely offline in your browser.
β’ Check a code snippet before committing to a repo
β’ Scan an environment file for accidentally hardcoded secrets
β’ Review a log export for leaked credentials
β’ Audit a config file before sharing with a contractor
Affiliate disclosure
Credential and secrets management for teams. 1Password provides enterprise password management and secrets infrastructure for development teams.
View secrets with 1Password
External site Β· Independent provider Β· We may receive a commission Β· Not a recommendation
FAQ
What does this tool tell you?
The Secrets Leak Scanner detects exposed AWS keys, GitHub tokens, Stripe keys, JWT tokens, and other credentials in code and config files, running entirely offline in your browser.
What affects the result most?
AWS Access Key (AKIA prefix, 20 chars). GitHub PAT (ghp_ / github_pat_ prefix). Stripe live key (sk_live_ prefix).
How should I use the result?
A positive detection is a signal, not a conclusion. Investigate each hit in context β the tool flags what matches known patterns, and a human has to decide whether the match is meaningful for this specific code or configuration.
Related tools