Détecteur de Fuite de Clés API — Outil en ligne gratuit
Scanne texte ou fichiers pour détecter des clés API exposées
Détecte les clés API OpenAI, Anthropic, AWS, GitHub, Stripe, Google exposées dans du texte. Scanner de sécurité, 100 % local.
📚 En savoir plus
Free API key leak detector — 20+ providers, 100% private
Outilolis API Key Leak Detector scans text for leaked credentials from 20+ providers. Perfect for code review, commit auditing, or verifying that a text sample (like a bug report) doesn\'t contain real keys. Everything runs in your browser.
How to use this tool
- 1
Paste text or code
Any text — code snippets, config files, commit diffs, chat logs, emails.
- 2
Review detected leaks
Each found key shows provider, severity, and risk. Click to highlight in text.
- 3
Rotate leaked keys immediately
If a key is confirmed leaked — rotate it NOW at the provider dashboard. Old keys are already in Git history + third-party logs.
Detected providers + formats
- OpenAI:
- sk-..., sk-proj-...
- Anthropic:
- sk-ant-...
- AWS:
- AKIA[0-9A-Z]16
- GitHub:
- ghp_, gho_, ghu_, ghs_, ghr_ (36 chars)
- Stripe:
- sk_live_, sk_test_, pk_live_, pk_test_
- Google:
- AIza... (39 chars)
- Slack:
- xoxb-, xoxp-, xoxa-
- SendGrid:
- SG.[21 chars].[43 chars]
- JWT tokens:
- eyJ[base64].eyJ[base64].[signature]
⚠️ If you found a leaked key
- Rotate immediately at the provider dashboard — don\'t just delete from code
- Audit logs for unauthorized use during the leak window
- Check Git history: key is likely in old commits — use
git filter-repoor BFG to purge - Nontify affected users if customer data was potentially accessed
- Add secret scanning to your CI/CD pipeline to prevent recurrence
Frequently Asked Questions
Which API keys does this detect?
Is this data sent anywhere?
False positives?
What if I found a leaked key?
Can I scan Git history?
git log -p | [this tool] after copying output, or tools like truffleHog / gitleaks for automated Git scanning.Do you detect passwords too?
password=, PASSWD, DB_PASS).À retenir
- API Key Leak Detector is a free, browser-based developer tool — scan text or files for leaked api keys — 20+ providers.
- Non signup, no downloads, no file uploads — your data stays on your device.
- Works on desktop, tablet, and mobile. Install as a PWA for offline access.
How to Use API Key Leak Detector
- Open the tool: Launch API Key Leak Detector on Outilolis — no account or download needed.
- Enter your data: Paste text, enter values, or select a file directly in your browser.
- Get instant results: Everything is processed locally — results appear immediately.
- Copy or download: Save your output or share it. Bookmark for quick access next time.
API Key Leak Detector — Quick Facts
- Prix
- Gratuit — sans limites, sans filigrane, sans paywall
- Confidentialité
- 100% dans le navigateur — aucune donnée n’est envoyée à un serveur
- Plateforme
- Tout navigateur moderne — desktop, tablette ou mobile
- Catégorie
- Développeur Outils on Outilolis
- Hors ligne
- Works offline after first visit (Progressive Web App)
| Caractéristique | Détails |
|---|---|
| Outil | API Key Leak Detector |
| Catégorie | Développeur |
| Inscription requise | Non |
| Téléversement de fichier | Aucun — traité dans le navigateur |
| Compatible mobile | Entièrement adaptatif |
| Coût | Gratuit pour toujours |
Why Use API Key Leak Detector?
You should try API Key Leak Detector for a quick, private way to scan text or files for leaked api keys — 20+ providers. All processing happens in your browser. Your files and data never leave your device. According to web.dev, client-side processing is the gold standard for privacy.
On the other hand, dedicated APIs or desktop tools suit batch processing better. They also handle server-side automation. For everyday tasks, browser tools offer the best speed, privacy, and convenience.