Secret Scanner

Name: Erzo
Rating: 4.8 (127 reviews)

Paste code below to scan for leaked secrets. Nothing is sent to any server — all scanning happens in your browser.

What to paste here

Source files — .js, .ts, .py, .go, etc. — that may contain hardcoded credentials
Configuration files — .env, config.json, settings.py, application.yml
CI/CD files — .github/workflows/*.yml, Dockerfile, docker-compose.yml
Infrastructure-as-code — terraform.tfvars, *.tf, Helm values files

Detects AWS keys, GitHub tokens, Stripe keys, Supabase JWTs, database URLs, private key blocks, and 150+ other patterns. All scanning runs locally in your browser.

Your Code

Get a full RLS & security audit

We test every table, policy, and code pattern in your database automatically.