Security Tools

Map Your API Key Blast Radius

Scan codebases and config files to discover every API key, map which services it touches, and visualize your true exposure before an incident happens.

Get Access β€” $25/mo

Cancel anytime. Instant access after payment.

πŸ”

Static Analysis

Parses JS, Python, YAML, .env, and more to surface every key.

πŸ•ΈοΈ

Dependency Graph

Visual map of which services each key can reach.

🚨

Blast Radius Score

Risk-ranked keys so you know what to rotate first.

Pro Plan

$25

/month Β· billed monthly

  • βœ“ Unlimited codebase scans
  • βœ“ Visual blast radius graphs
  • βœ“ Risk-ranked key reports
  • βœ“ Supports 10+ file formats
  • βœ“ Export reports as PDF/JSON
  • βœ“ Priority email support
Start Mapping Now

Frequently Asked Questions

What file types does the scanner support?

The scanner supports JavaScript, TypeScript, Python, Ruby, Go, YAML, JSON, .env files, Dockerfile, and most common config formats used in modern stacks.

Does my code leave my machine?

Analysis runs entirely in your browser using WebAssembly-based parsers. No source code is ever uploaded to our servers β€” only anonymized metadata for report generation.

How is blast radius calculated?

We trace each key through your codebase to identify every service endpoint, SDK call, and permission scope it touches, then score it by breadth of access and sensitivity of the services reached.