LeakFinder

Detect browser-visible security leaks: exposed endpoints, insecure storage, weak CORS, and embedded secrets.

As of June 2026, LeakFinder has 8 users in the Productivity category.

Users: 8 (no change, 0%)
Rating: — reviews (no change, 0%)
Reviews: no change, 0%
Version: 1.0.2
Manifest V3

History

8 snapshots

Tracking since Apr 7, 2026.

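Date | Users | Rating | Reviews | Version
Apr 7, 2026 | — | — | — | 1.0.2
Apr 19, 2026 | — | — | — | 1.0.2
Apr 24, 2026 | 2 | — | — | 1.0.2
May 1, 2026 | 1 | — | — | 1.0.2
May 13, 2026 | 3 | — | — | 1.0.2
May 19, 2026 | 6 | — | — | 1.0.2
May 25, 2026 | 8 | — | — | 1.0.2
Jun 1, 2026 | 9 | — | — | 1.0.2
Now | 8 | — | — | 1.0.2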

Permissions & access

Permissions
activeTab, storage, webRequest, scripting, sidePanel
Host access
<all_urls>

About

LeakFinder is a browser extension for live website security reconnaissance. It scans what the browser can see on the current site and flags client-side exposures that commonly lead to account compromise, API abuse, data leakage, and disclosure incidents.

It is built for developers, security engineers, and bug bounty researchers auditing staging or production websites.

What LeakFinder does
LeakFinder performs multi-source browser-side analysis and correlates findings into actionable risk outputs:

- Scans browser-visible artifacts for secret/token exposure patterns
- Audits CORS behavior and cross-origin trust weaknesses
- Reviews security header posture from captured responses
- Detects sensitive local/session storage and client-state leak indicators
- Maps exposed endpoint patterns from observed traffic and page artifacts
- Surfaces source-map and build artifact intelligence
- Scores findings by severity + confidence + exploitability context
- Provides export-ready outputs for triage, engineering handoff, and reporting

Core detection coverage
LeakFinder focuses on browser-observable risk classes, including:

- API keys, tokens, and secret-like strings in responses/resources/state
- JWT and auth token handling smells
- CORS misconfiguration patterns (including overly permissive trust)
- Missing/weak security headers (CSP/HSTS/frame/sniff/referrer/permissions)
- Cookie security posture signals
- Source-map exposure indicators
- Sensitive query/URL artifact leaks
- Client runtime leak vectors through storage/state/resource surfaces

Tabs and workflows
- Findings: consolidated findings list with severity, confidence, and risk score
- Attack Surface: endpoint/security-header/technology posture views
- Network: captured request metadata relevant to security review
- Console (Pro module): risky console output and runtime risk cues
- Resources: client-side resource/state artifacts with direct actions
- Pro Intel (Pro module): advanced intel cards and prioritization workflows
- Pro: payment, restore, and Pro controls

Pro features (complete)
LeakFinder Pro unlocks a deeper operational workflow for real-world triage:

- Aggressive scan mode for deeper/later-loading SPA coverage
- High-confidence filtering for faster signal-to-noise reduction
- Secrets-only filtering for token/key/secret-first workflows
- Console Recon module for runtime console risk intelligence
- Pro Intel module with expanded analysis cards, including:
  - Third-party risk lens
  - Client attack path hints
  - Drift/scan change awareness
  - Exposure heatmap
  - Shadow endpoint inference
  - Canary/test-secret indicators
  - Header quality scoring
  - Frontend trust-boundary risk cues
  - Source-map intelligence
  - Data classification breakdown
  - Vendor script policy audit
  - Fix-first prioritization
  - Build fingerprint hints
  - Runtime hook integrity signals
  - Coverage matrix (detectable vs heuristic vs active testing)
- Advanced exports for engineering/security workflows:
  - JSON, CSV, Markdown, Postman
  - Proof packs
  - Redacted report variants
  - Delta report
  - Incident pack
- Local replay/snapshot support

Payment and lifetime Pro unlock
LeakFinder Pro is a one-time lifetime unlock model.

- User completes payment via PayFast
- PayFast webhook/ITN confirms payment server-side
- License is activated in backend/Supabase
- User restores Pro in extension using payment email
- Pro entitlement persists across reinstalls through license lookup

Intended use and scope
LeakFinder is intended for authorized testing and auditing of websites you own or have permission to assess.

It analyzes browser-visible client-side/security posture signals. It does not claim to replace server-side penetration testing, authenticated backend audit, or full DAST/SAST pipelines.

Why teams use LeakFinder
- Fast browser-native exposure checks during release validation
- Practical signal for frontend and platform teams
- Immediate triage context with severity/confidence/risk scoring
- Cleaner handoff to engineers through exportable evidence
- Useful in CI-adjacent manual QA and security signoff passes

Technical

Version: 1.0.2
Manifest: V3
Size: 90.86 KiB
Min Chrome: 88
Languages: 1
Featured: No

Metadata

ID: aocfmcfgbmobbhebbedjognakcfdgcbc
Developer ID: u65c69da3f8e53a39bf2df0df407a63f2
Developer Email: [email protected]
Created: Apr 7, 2026
Last Updated (Store): Apr 7, 2026
Last Scraped: Jun 7, 2026
Support URL

Data sourced from the Chrome Web Store · last verified Jun 7, 2026.