Launched this week
Supaleak
Secret scanning for shipped-too-fast websites
12 followers
Secret scanning for shipped-too-fast websites
12 followers
Supaleak scans live websites for exposed API keys, tokens, JWTs, Supabase keys, and other sensitive data before attackers do. For teams shipping fast with vibe coding, it checks real JavaScript files, validates leaks, and sends alerts so you can fix issues before they reach production. Features - Detect API keys, tokens, JWTs, Supabase keys, and more - Validates if leaked secrets are usable - Scheduled scans (daily, weekly, custom) - Email alerts on new leaks - CSV export for audits
Everyessay
Hey Abdelhadi 👋 Wow, love the idea of catching leaks before they hit production. Super useful for vibe coding teams! Curious—does Supaleak also suggest fixes, or just alerts? And how fast can it scan big projects?
@iamnabilazra Hey Nabil! 👋 Thanks a lot, really appreciate it.
It’s super fast even on big projects. The nice part is you don’t just get a one-off scan, you can schedule scans and get notified by email if something new is detected.
For now, we keep recommendations simple: the main one is don’t leak secrets in the first place 😄 That said, I’m actively working on adding a dedicated recommendations section to help vibe coders understand what to fix and how to fix it more easily.