TechPulseTechPulse

Zero-Knowledge Secrets Scrubber

Detect and redact API keys, tokens, PII and secrets from logs, code, and config files.

Zero-Knowledge Architecture

Your text is scanned using regex patterns directly in your browser's memory. We cannot see, log, or transmit your secrets β€” even if we wanted to. Verify in DevTools β†’ Network Tab.

You can also drag & drop .log .txt .env .json .yaml .py .js .ts .sh files

Why you must scrub secrets before sharing code and logs

Every day, developers accidentally leak production API keys, database connection strings, and authentication tokens by pasting unsanitized logs into StackOverflow, GitHub Issues, Slack channels, and AI assistants like ChatGPT. A single exposed AWS Access Key can lead to a six-figure cloud bill within hours from cryptocurrency mining bots that scan public repositories and forums 24/7.

Enterprise environments enforce Data Loss Prevention (DLP) policies, but existing solutions are either expensive SaaS tools (that ironically require uploading your sensitive data to their servers) or CLI tools that are too cumbersome for quick, ad-hoc sanitization before sharing a log snippet.

How Our Local Scrubber Protects You

  • Regex-Powered Detection: We use battle-tested patterns from open-source security tools like TruffleHog and Gitleaks to identify AWS keys, GCP tokens, Stripe keys, JWTs, RSA private keys, and more.
  • Instant Redaction: One click replaces all detected secrets with [REDACTED] tags, producing a safe-to-share copy of your text.
  • PII Compliance: Detects personally identifiable information including email addresses, IBANs, credit card numbers, and IP addresses β€” critical for GDPR and SOC 2 compliance.

The Security Paradox: Using a cloud-based DLP tool to scrub your secrets means uploading those secrets to yet another server you don't control. Our tool eliminates this paradox entirely β€” your data never leaves your device. Disconnect your Wi-Fi after loading this page and it will continue to work flawlessly.

Frequently Asked Questions (FAQ)

Are my secrets uploaded to any server?

Absolutely not. The scrubber runs entirely in your browser using regex pattern matching. No network requests are made with your data. You can verify this by checking the Network tab in Chrome DevTools.

What types of secrets can it detect?

AWS Keys, API tokens, JWTs, private keys (RSA/PGP), IBANs, credit card numbers, email addresses, IPv4/IPv6 addresses, and common password patterns in config files.

Can I use this before pasting logs into ChatGPT?

Yes, that is one of the primary use cases. Scrub your logs and code snippets locally before sharing them with any AI assistant, forum, or external consultant.