Drag the red button below to your bookmarks bar. On any page, click the bookmark to scan the page's HTML and visible text for patterns matching common API keys, tokens, and credentials. Findings appear in an alert. Useful for auditing your own pages before deploy, and for finding accidentally-exposed keys in source maps, comments, or copy-pasted error messages.
Drag this to your bookmarks bar:
If your browser doesn't support drag-to-bookmarks, create a new bookmark with this URL:
Paste any text (HTML, JSON, source code, error logs) and click Scan. Same patterns the bookmarklet uses.
Pattern matchers for common credential formats. False positives are possible; review every finding.