All activity
I kept seeing indie makers lose thousands because of one exposed Stripe/OpenAI key or disabled Supabase RLS.
Stupidly fast scanner made exactly for Next.js / React apps on Supabase, Firebase, Vercel, Netlify.
Drop your URL → in 20 seconds it tells you if you’re leaking:
API keys in JS bundle
Supabase RLS disabled (actually tests if DB is public)
Open Firebase buckets & RTDB
Exposed .env, /.git, admin panels
Old subdomains + GitHub search links for leaks
One scan can save you $10k+ in minutes.
SecurityScan.devFind leaked API keys & open Supabase/Firebase in 20 seconds
Marcin Tleft a comment
Just scanned my own side project and found my OpenAI key exposed for 4 months 🤦♂️ Fixed in 2 minutes. If you’re building anything with Supabase or Firebase - run this right now. Takes 20 seconds and it’s free. https://securityscan.dev
SecurityScan.devFind leaked API keys & open Supabase/Firebase in 20 seconds