Secrets.Tools

How It Works

Secrets.Tools scans login pages for exposed secrets, API keys, and embedded URLs. This is where developers usually lack security knowledge and leave artificats behind.

When you scan a URL with our tool, our tool:

Analyzes JavaScript files for exposed secrets and credentials
Identifies API keys and tokens from over 50 popular services
Detects embedded emails and IP addresses that might be leaking
Discovers all external URLs and endpoints used by the application

Deep Scanning

Scans JavaScript files for secrets, emails, API keys, IP addresses, and embedded URLs.

Secret Detection

Identifies API keys, tokens, and credentials from over 50 popular services.

Common Use Cases

Security Audits: Perform quick security audits on login pages to identify exposed credentials, endpoints, emails, or IP addresses.
Vendor Risk Assessment: Evaluate third-party applications and services for exposed secrets, emails, or IP addresses.
Third-Party Integration Analysis: Identify external services and APIs that a login page connects to by viewing all external URLs.

Transparent Pricing

We believe in simple, straightforward pricing:

Start with 3 free scans
Pay-as-you-go at €0.10 per credit (1 credit = 1 scan)
Purchase credits in blocks starting at 50 credits (€5.00)
Credits never expire and can be used whenever you need them

Get Started Now

API Integration

Integrate our scanning capabilities into your own applications with our RESTful API:

/api/scan - Scan a URL for secrets, emails, IP addresses, and embedded URLs
/api/scan/id - Retrieve scan results by ID
/api/credits - Check your available credits

All API requests require your API key (available after signing up).

Need More Information?

Need a custom enterprise plan? Contact us at [email protected] for custom plans or technical support.