Introducing LeakScope: A Security Scanner for Supabase Applications
Introducing LeakScope, again.
we've been updating it : )
LeakScope is a security scanner built for Supabase applications. Paste your app's public URL, and it checks what an attacker can learn from the outside—from exposed keys and public data access to weak RLS, leaked credentials, and insecure frontend configuration.
We've introduced two scanning modes:
Light Scan — Paste a public app URL to instantly check for exposed keys, public data exposure, leaked credentials, weak RLS, and risky frontend configuration. No account required.
Deep Scan — Authenticate to validate Row Level Security, test BOLA/IDOR, analyze JWT security, and generate detailed reports for real security validation.
Whether you're a solo founder, indie hacker, or vibe coder shipping MVPs at 2 AM, LeakScope gives you a fast way to see what your app is exposing before everyone else does.
1,936 websites scanned.
13,679 security findings identified.
Try it out at leakscope[.]tech