HomeSecurity Scanners
Security Scanners
Detect XSS, secrets, and vulnerabilities.
16 Tools Available
AWS Access Key
Matches AWS Access Keys.
/AKIA[0-9A-Z]{16}/
AWS Secret Key
Matches AWS Secret Keys.
/[0-9a-zA-Z/+]{40}/
Google API Key
Matches Google API Keys.
/AIza[0-9A-Za-z-_]{35}/
Stripe Key
Matches Stripe Secret Keys.
/sk_live_[0-9a-zA-Z]{24}/
Slack Token
Matches Slack Tokens.
/xox[baprs]-([0-9a-zA-Z]{10,48})/
RSA Private Key
Matches RSA Keys.
/-----BEGIN RSA PRIVATE KEY-----/
SSH Private Key
Matches SSH Keys.
/-----BEGIN OPENSSH PRIVATE KEY-----/
Generic API Key
Matches generic API keys.
/api_key\s*[:=]\s*["'][a-zA-Z0-9]{20,}["']/
JWT Token
Matches JSON Web Tokens.
/ey[A-Za-z0-9-_=]+\.ey[A-Za-z0-9-_=]+\.[A-Za-z0-9-_.+/=]*/
Basic Auth
Matches Basic Auth headers.
/Authorization:\s*Basic\s+[a-zA-Z0-9=]+/
Password in URL
Matches credentials in URLs.
/https?://[^:]+:[^@]+@/
Internal IP
Matches internal IP leak.
/192\.168\.\d{1,3}\.\d{1,3}/
SSN Simple
Matches US SSN format.
/\d{3}-\d{2}-\d{4}/
Credit Card Check
Matches formatted CCs.
/\d{4}-\d{4}-\d{4}-\d{4}/
MD5 Hash Scanner
Matches MD5 hashes.
/^[a-f0-9]{32}$/
JWT Header
Matches JWT Auth header.
/^Authorization:\s*Bearer\s+ey/