This tool scans JavaScript code for API keys, tokens, secrets, and sensitive data. Perfect for bug bounty reconnaissance and security testing. Paste JS code or enter a URL to fetch and analyze.
Paste JavaScript Code
JavaScript File URL
Results
Analyzing JavaScript code...
Results will appear here after scanning...
What this tool finds:
API Keys
AWS, Google, Stripe, GitHub, and 20+ other services
Tokens
JWT, OAuth, Bearer tokens, and authentication secrets
Credentials
Passwords, database connections, and hardcoded secrets
URLs & Endpoints
Internal APIs, admin panels, and sensitive endpoints
Perfect for:
- Bug bounty reconnaissance and enumeration
- Security audits and penetration testing
- Code review and vulnerability assessment
- Finding exposed secrets in client-side code
- Analyzing third-party JavaScript libraries