Privacy · Browser-local

PII Risk Scanner v2

Paste text, logs or JSON and identify sensitive patterns before sharing with AI tools, teammates or public tickets. Nothing leaves your browser.

Local onlyMask before pastePattern-based

Paste text to scan

Risk score
0/100

Paste text and scan.

Total matches
0

Emails, phones, IPs, keys, URLs and payment-like patterns.

Recommended action
Ready

Review masked output before publishing.

Detection summary

No scan yet.

Masked output

Pattern detail

TypeCountExamplesDefault mask

This is a pattern scanner, not a legal/privacy compliance guarantee. Always review output manually.

What this tool does

  • Scans raw text logs, JSON blocks, or support tickets for sensitive pattern markers.
  • Identifies emails, phone numbers, IP addresses, secrets/API keys, and resident numbers.
  • Replaces matches with standard placeholders (e.g. [EMAIL], [SECRET]) locally.
  • Keeps all processing inside your browser sandbox—no server uploads.

Best for

Developers, customer support representatives, and privacy managers sanitizing logs or files before pasting them into external AI engines, public ticketing systems, or chat channels.

Common use cases

🤖
LLM Prompt Prep

Scan log snippets, error traces, or code blocks for accidentally included API keys, tokens, or user PII before pasting into ChatGPT, Claude, or Gemini.

🎉
Support Ticket Sanitization

Review customer support logs for phone numbers, email addresses, and order IDs before escalating tickets to external vendors or public issue trackers.

💻
Code Review Sharing

Check code snippets for hardcoded credentials or env var values before sharing on Stack Overflow, Slack channels, or pair-programming sessions.

🔒
Security Audit Pre-check

Run a quick PII surface scan on exported JSON or CSV data files before handing them off to security teams or third-party auditors.

Privacy Notes & Verified Badges

Designed for browser-local processing No file upload No account required

This scanner runs client-side. No inputs are sent to our servers. Processing occurs entirely in temporary browser memory.

How to Use PII Risk Scanner

  1. Paste your raw log file or text into the input field.
  2. Click Scan risk to view count and pattern metrics.
  3. Click Mask detected patterns and copy the safe text.

Frequently Asked Questions (FAQ)

Are my logs or credentials uploaded?

No. The tool uses local JavaScript regular expressions to detect patterns. Your files and text do not leave your device.

Is this scanning list customizable?

The tool scans standard patterns (IPv4, emails, credit cards, standard API keys). For customized rules, feel free to suggest them on our GitHub Issues page.

Does it work offline?

Yes. Once the page is loaded, you can disconnect from the internet and continue scanning files offline.

Is it safe to copy passwords?

While the tool runs locally, we recommend avoiding copying raw plain passwords whenever possible as a best practice.

Related tools

Screenshot Privacy Cleaner → JS & CSS Minifier → Submit-Ready File Kit →

Technical Security Analysis of Local PII Risk Scanner v2 & Web Cryptography

Securing sensitive data requires robust client-side sanitization. Modern browsers provide the window.crypto API, enabling cryptographically secure pseudo-random number generation (CSPRNG) and hardware-accelerated encryption via Web Crypto standards. When you encrypt text or files, PBKDF2 derives key bytes from your passcode, and AES-256 GCM encrypts the payload, ensuring data integrity without sending keys to a backend server. Similarly, PII risk scanners use regex-matching queues to detect pattern structures like emails or credit cards, and mask them in-tab. Running security checks inside the client sandbox prevents telemetry leaks, protecting proprietary credentials, API logs, and customer database drafts from external interception.

Specifically, this PII Risk Scanner v2 utility is designed to find and mask emails, phones, ip addresses, tokens, api keys and payment-like patterns locally before pasting text into another app. It runs with zero server dependencies, ensuring complete security and zero latency.

How to Use

  1. Input your raw logs, JSON objects, files, or sensitive text strings into the secure local container.
  2. Define your parameters (e.g. choose PII masking levels, or input an encryption passcode for AES-256 GCM).
  3. The client-side cryptography engine processes the data instantly without sending packets over the network.
  4. Copy the sanitized text or download the encrypted secure bundle directly from your local browser tab.

Common Use Cases

PII-Sanitized LLM Prompting Find and mask sensitive names, API keys, or email addresses in log files before pasting them into external AI chats.
Passcode-Protected File Encryption Encrypt configuration files or confidential text blocks using AES-256 locally before sharing them via insecure channels.
Decoupled JWT Claims Verification Decode JSON Web Tokens in-browser to verify authorization claims without sending auth keys to online web decoders.

Frequently Asked Questions

How can I be sure my sensitive logs are not sent to any servers?

The page runs serverless on edge infrastructure, utilizing local JavaScript loops. Network inspect tools prove zero packets are sent during processing.

Is the AES-256 file encryption cryptographically secure?

Yes. It uses the standard Web Crypto API with Galois/Counter Mode (GCM), providing both confidentiality and integrity authentication.

What categories of PII can the scanner detect?

The local engine scans for emails, phone numbers, API keys, credit cards, social security numbers, and common database logs.

Can the local JWT decoder modify token contents?

No, it parses and decodes the Base64URL-encoded JSON structures locally to show claims without validating signatures against an external server.