I built API Radar, a tool that scans public GitHub commits in real time to detect exposed API keys (OpenAI, Google, Claude, etc).
It’s fast, scalable, and tracks real leaks with contextual metadata and filtering.
So far: 9,600+ repos scanned, 280+ leaks detected, all ethically surfaced from public code.
I once leaked an API key and instantly got a mail from GitGuardian informing me of the leak. It was
a) super helpful as I wouldn't have known otherwise
b) it seemed like a clever way to spread their name/biz
thanks! built it solo - nextjs + fastify + mongodb mostly. scanner runs separate n just keeps scanning public github commits in real-time.
yea gitguardian's alerts are super useful, got one myself once too
api radar’s kinda diff tho - more like public dashboard vibes. anyone can just browse and see what kind of keys are leaking n where. useful if ur into redteaming, trends, or just curious lol
I once leaked an API key and instantly got a mail from GitGuardian informing me of the leak. It was a) super helpful as I wouldn't have known otherwise b) it seemed like a clever way to spread their name/biz
(in case that's helpful to your model)