Passive API key and secret discovery browser extension for Chrome and Firefox. 80+ detection patterns, zero config.

Catch leaked secrets and frontend exposure in CI, with SARIF for GitHub code scanning

BetterLeaks - scan the world for exposed secrets. High-performance secret scanner in Go. Find leaked API keys, tokens, credentials across public sources.

API Scraper — Hunt down leaked API keys in GitHub commits, validate them against live endpoints, and check remaining balances. Multi-service support for OpenAI, Anthropic, DeepSeek, Google Gemini, Mistral, AWS, and more. Features a dark-themed PyQt5 GUI with concurrent scraping, auto-export, and import of previous results.

🐕 Hunt leaked Shodan API keys across public GitHub and validate them live — zero-dependency Node.js.

🔐 Scan .env files and git history for accidentally committed secrets, API keys, and credentials. Pure Python, no dependencies.

A command-line tool to run global search lookups against the Flare API and export events and credentials to JSON or CSV. Uses Flare’s token-based auth and follows pagination so large result sets are fully exported.

Cloud-hosted Betterleaks for GitHub and S3 secret scanning with live vendor-API validation. Apify actor.