30-second guide
- Copy logs or configuration text and paste into the tool.
- Click “Redact” and review the output.
- Share only the redacted output.
Tip: run a quick search for sk- or AKIA before posting.
Supported patterns
- Bearer tokens (Authorization header / Bearer prefix)
- JWTs (
eyJ...format) - PEM private keys (BEGIN/END PRIVATE KEY)
- API key examples:
sk-,sk_live_,ghp_,AKIA - Labeled secrets like
api_key=,token:, orpassword=
What it doesn’t do
- No guarantee of catching every secret.
- Doesn’t scan images or screenshots.
- Doesn’t validate or revoke tokens.
Privacy
Runs locally in your browser. Nothing is uploaded.