Supaleak scans live websites for exposed API keys, tokens, JWTs, Supabase keys, and other sensitive data before attackers do. For teams shipping fast with vibe coding, it checks real JavaScript files, validates leaks, and sends alerts so you can fix issues before they reach production.
Features
- Detect API keys, tokens, JWTs, Supabase keys, and more
- Validates if leaked secrets are usable
- Scheduled scans (daily, weekly, custom)
- Email alerts on new leaks
- CSV export for audits
Rep+ started because a tiny friction kept slowing me down during testing. One extra tool, one extra setup step, repeated dozens of times. Curious what small annoyances others would love to eliminate in their day-to-day security or development work.
rep+ is a lightweight Chrome DevTools extension inspired by Burp Suite's Repeater, now supercharged with AI. I often need to poke at a few requests without spinning up the full Burp stack, so I built this extension to keep my workflow fast, focused, and intelligent with integrated LLM support.
