PureDevTools

.env Secret Scanner

Scan code and config files for exposed API keys, passwords, and tokens — entirely in your browser

All processing happens in your browser. No data is sent to any server.

100% client-side. Your data never leaves your browser. All scanning is performed locally using pattern matching.

You need to check a configuration file or code snippet for accidentally exposed secrets before committing to Git or sharing with a colleague. This tool scans text for API keys, passwords, tokens, database URLs, and private keys using pattern matching — entirely in your browser.

Why Scanning Locally Matters

Pasting code that contains secrets into online tools is itself a security risk. If the tool sends your input to a server, your secrets are now exposed to a third party. This scanner runs entirely in your browser — no data is transmitted. The patterns are matched using regular expressions in JavaScript on your device.

What Gets Detected

The scanner checks for over 20 secret patterns across major providers:

How It Works

  1. Paste your .env file, code snippet, or log output into the input area
  2. The scanner matches each line against known secret patterns
  3. Results show the line number, secret type, severity level, and a masked preview
  4. Use “Copy Redacted” to get a version with all secrets replaced by [REDACTED]

Frequently Asked Questions

Does this tool upload my secrets anywhere? No. All scanning happens in your browser using JavaScript regular expressions. No network requests are made with your input data.

Can it detect custom secret formats? The scanner covers 20+ common patterns from major cloud providers and services. Custom or proprietary key formats may not be detected — always review results manually.

What’s the difference between this and the API Key Detector? The .env Secret Scanner is optimized for configuration files and environment variables. The API Key Detector focuses on secrets embedded in source code strings across multiple programming languages.

Related Tools

More Security & Privacy Tools