All activity
Bour Abdelhadileft a comment
Hi Patrick, congrats on the launch! I was taking a look and noticed you’re using Supabase. Just a quick heads-up, it looks like there may be some exposed data and possibly a few tables that don’t have RLS enforced yet. I actually launched a small tool today called Supaleak that helps detect exposed secrets and Supabase misconfigurations like this. Might be worth a quick check to be safe.
NutgrafeThe news, reduced to what matters.
Bour Abdelhadileft a comment
Hey everyone! 👋 I’m excited to share Supaleak, a tool that scans live websites to detect exposed API keys, tokens, JWTs, Supabase keys, and other sensitive data before attackers do. Teams shipping fast with vibe coding often have secrets slip into production by accident. Supaleak monitors your real JavaScript files, validates leaks, and sends alerts so you can fix issues quickly. I’d love to...
SupaleakSecret scanning for shipped-too-fast websites
Supaleak scans live websites for exposed API keys, tokens, JWTs, Supabase keys, and other sensitive data before attackers do. For teams shipping fast with vibe coding, it checks real JavaScript files, validates leaks, and sends alerts so you can fix issues before they reach production.
Features
- Detect API keys, tokens, JWTs, Supabase keys, and more
- Validates if leaked secrets are usable
- Scheduled scans (daily, weekly, custom)
- Email alerts on new leaks
- CSV export for audits
SupaleakSecret scanning for shipped-too-fast websites
Bour Abdelhadileft a comment
Rep+ started from a very practical frustration. I love Burp Suite’s Repeater, but in many cases I only needed to poke at a few requests quickly. Spinning up the full Burp stack felt heavy when I was already working inside the browser and DevTools. I wanted something lightweight that lived closer to where requests actually happen. So I built Rep+ as a Chrome DevTools extension inspired by...
rep+Your AI security copilot for HTTP requests.
rep+ is a lightweight Chrome DevTools extension inspired by Burp Suite's Repeater, now supercharged with AI. I often need to poke at a few requests without spinning up the full Burp stack, so I built this extension to keep my workflow fast, focused, and intelligent with integrated LLM support.
rep+Your AI security copilot for HTTP requests.
Bour Abdelhadistarted a discussion
How do you test HTTP requests without breaking your flow?
Rep+ started because a tiny friction kept slowing me down during testing. One extra tool, one extra setup step, repeated dozens of times. Curious what small annoyances others would love to eliminate in their day-to-day security or development work.