Drop your Postman collection. We will find exposed API keys, OWASP vulnerabilities, and estimate your security risk — instantly, for free, no account required.
Drop your Postman Collection JSON here
or click to browse · Supports Postman Collection v2.1
Detects BOLA, broken auth, injection, and more
Track token spend per endpoint and catch anomalies
Finds API keys, tokens, and passwords in collections