AppSec
🔑 API Key & Secret Detector
Paste code, config files, logs, or any text to instantly detect leaked API keys, tokens, and secrets across 35+ provider patterns. Nothing leaves your browser.
🔴 Findings
🖍️ Highlighted Source
📋 Detected Patterns
| Provider | Pattern Example | Severity |
|---|---|---|
| AWS Access Key | AKIA[0-9A-Z]{16} | Critical |
| AWS Secret Key | [0-9a-zA-Z/+]{40} | Critical |
| GitHub PAT | ghp_[0-9a-zA-Z]{36} | Critical |
| GitHub OAuth App | gho_[0-9a-zA-Z]{36} | High |
| OpenAI API Key | sk-[0-9a-zA-Z]{48} | High |
| Anthropic API Key | sk-ant-api03-... | High |
| Stripe Live Secret | sk_live_[0-9a-zA-Z]{24+} | Critical |
| Stripe Live Public | pk_live_[0-9a-zA-Z]{24+} | Medium |
| Slack Bot Token | xoxb-[0-9]{11}-... | High |
| Google API Key | AIza[0-9A-Za-z-_]{35} | High |
| JWT Token | eyJ[A-Za-z0-9_-]{10,}\.eyJ... | Medium |
| Private Key PEM | -----BEGIN PRIVATE KEY----- | Critical |