About LeakIX

This project goes around the Internet and finds services to index them.


  • How do you find leaks?

  • We have gather information on the Internet on the most common security misconfiguration currently open.

  • What is your goal?

  • We intend to provide a platform to fix misconfigurations leading to leaks and security issues by bridging the source, CERTs, hosting companies and researchers to solve the problem.

  • What is your disclosure policy?

  • We have a grace period of 30 days for every leak we find, during which:

    • Hosting companies and CERTs are warned if the leak is critical
    • Only trusted researchers can see and evaluate the leak
    After this period, the leak is considered public ( indexed by other parties multiple times ) and shows in our public index.

  • Why do you keep events in the index?

  • While our main intent is prevention, we believe it's a huge asset to security research and users to keep a history of what was once available to everyone on the Internet.


  • No user profile/sessions information shared

  • We're relying on signatures to auth you.
    However, if you decide to send a report, your profile will be linked with that report and displayed to members only.