SecurityScan.dev – Rapid detection of leaked API keys and open Supabase/Firebase configurations

Summary: SecurityScan.dev scans Next.js and React apps on Supabase, Firebase, Vercel, and Netlify to detect exposed API keys, disabled Supabase RLS, open Firebase buckets, exposed environment files, and old subdomains within 20 seconds.

What it does

It analyzes your URL to identify leaks such as API keys in JavaScript bundles, public databases, open Firebase storage, exposed .env or .git files, and outdated subdomains with GitHub search links.

Who it's for

Indie makers and developers using Supabase, Firebase, or similar platforms who need to secure their web apps quickly.

Why it matters

It prevents costly security breaches by detecting leaks that can expose sensitive keys or data, potentially saving thousands of dollars.