LeakLens
LeakLens is a web app (with a lightweight CLI) that continuously scans your public attack surface for accidentally exposed web-app secrets and sensitive artifacts. It monitors GitHub/GitLab repos, container images, CI logs, public S3/GCS buckets, paste sites, and your own domains for API keys, JWT signing keys, database URLs, OAuth client secrets, and internal endpoints. When it finds a leak, it verifies risk with safe, non-destructive checks (e.g., key format validation, scope inference, optional test calls via a customer-owned sandbox), then guides remediation: rotate, revoke, and add guardrails. It integrates with Slack/Jira and can open PRs to remove secrets and add secret-scanning rules. This is not a full “security platform”; it’s a focused, continuous leak detection and response tool that small teams can actually run without a security engineer.
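A sketch of the "find, then verify with a non-destructive format check" step described above, as an added example that is not LeakLens's own code. The patterns, the placeholder list, the entropy threshold and all function names are assumptions, and the sample input is constructed.

```python
import math
import re
from urllib.parse import urlsplit

# Candidate patterns and placeholder list: assumptions for this example, not LeakLens's rules.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[A-Z0-9]{16}\b"),
    "database_url": re.compile(r"\b(?:postgres(?:ql)?|mysql|mongodb|redis)://[^\s'\"]+"),
    "private_key_pem": re.compile(r"-----BEGIN (?:RSA |EC )?PRIVATE KEY-----"),
}
PLACEHOLDERS = {"", "password", "changeme", "example", "xxx"}

def entropy(s):  # Shannon entropy in bits per character
    return -sum(s.count(c) / len(s) * math.log2(s.count(c) / len(s)) for c in set(s)) if s else 0.0

def looks_real(kind, value):
    """Offline format checks only: nothing is sent anywhere and the secret is never used.
    Documentation keys (ending in EXAMPLE) and unexpanded "$..." templates are rejected."""
    if kind == "aws_access_key_id":
        return not value.endswith("EXAMPLE") and entropy(value[4:]) >= 3.0
    if kind == "database_url":
        parts = urlsplit(value)
        pw = parts.password or ""
        return bool(parts.hostname) and pw.lower() not in PLACEHOLDERS and not pw.startswith("$")
    return True  # a private-key header (e.g. a JWT signing key in PEM) is always reported

def redact(kind, value):  # keep enough to locate the match without copying the secret
    if kind == "database_url":
        return re.sub(r"(://[^:/@]+:)[^@]*@", r"\1****@", value)
    return value[:4] + "*" * (len(value) - 4)

def scan(text):  # one finding per match: line number, kind, verdict, redacted match
    return [
        {"line": n, "kind": kind, "likely_real": looks_real(kind, m.group(0)),
         "match": redact(kind, m.group(0))}
        for n, line in enumerate(text.splitlines(), 1)
        for kind, rx in PATTERNS.items() for m in rx.finditer(line)
    ]

# Constructed sample input: the EXAMPLE key is AWS's documentation placeholder, the rest is made up.
SAMPLE = """\
AWS_ACCESS_KEY_ID=AKIAQ7ZX2MPL9RT4VB6K
aws_key = "AKIAIOSFODNN7EXAMPLE"
DATABASE_URL=postgres://app:s3cr3t-Pa55@db.internal.example:5432/orders
DATABASE_URL=postgres://app:${DB_PASSWORD}@db:5432/orders
-----BEGIN RSA PRIVATE KEY-----
"""

if __name__ == "__main__":
    print(*scan(SAMPLE), sep="\n")
```

Findings with `likely_real` set to false are the ones a triage queue can deprioritise; the redacted `match` is what belongs in a Slack or Jira alert, so the alert itself does not become a second copy of the leak.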