Paste secret scan

Client

A read-only pass over plain text: where sensitive-looking substrings appear, with line numbers and masked previews. When you need a redacted copy, use paste redact.

Report-only workflow

Matches follow the same order as the redaction tool so overlapping spans are not double-counted. Use the checklist to toggle categories when you know part of the paste is benign.

Plain text

?

This only lists likely matches with masked previews—it does not modify your text. Use paste redact to produce a shareable copy. Patterns are regex heuristics, not a full DLP audit.

Categories

Matches: 5(email 1, phone 1, jwt 1, bearer 0, URL 1, vendor 1)

Sensitive pattern matches
#KindLine:colPreview
1Email3:8enginee…example
2Phone4:91 (415)…55-0199
3URL user:pass5:6https:/…/job/42
4JWT6:23eyJhbGc…gnature
5Vendor-style key7:6sk-1234…6789012

Common use cases

  • Review a log or ticket paste for obvious leaks before opening it in a chat assistant.
  • Decide whether redaction is needed by counting JWT and Bearer hits at a glance.
  • Pair with JSON key redact when the payload is structured data.

Common mistakes to avoid

  • Assuming “zero matches” means safe

    Hex blobs, private keys in odd formats, or renamed variables can still be sensitive. This tool only catches common regex shapes.

  • Sharing the original text after scanning

    Scanning does not remove secrets. Copy from the redact tool when you need a clean version.

FAQ

Is text sent to a server?

No. Matching runs entirely in your browser.

Why previews look truncated?

Long tokens are shortened in the table so you can spot the kind of leak without expanding full secrets on screen.

Common search terms

Phrases people search for that match this tool. See the full long-tail keyword index.

  • find secrets in pasted log
  • scan text for api keys offline

More tools

Related utilities you can open in another tab—mostly client-side.