PII detector

Paste a JSON event. See exactly which fields would be flagged as PII and how they would be redacted before storage.

Paste a JSON event — an error payload, a request log, anything — and this tool walks every leaf string and reports which fields would be flagged as PII and how they would be redacted before storage. It covers email, phone, SSN, Luhn-validated credit cards, IPs, JWTs, bearer tokens, AWS keys, PEM private keys, and sensitive field names (password, cookie, token, ssn…). The same redaction engine runs at ingest in GlitchReplay so you can scrub PII before it ever leaves the browser — useful for GDPR, HIPAA, and PCI scope reduction.

Runs entirely in your browser. Inputs never leave this page.

Conservative: matches replaced with [REDACTED:rulename] so you can see exactly which rule fired.

Paste a JSON event to start. The tool runs entirely in your browser — no data is sent anywhere.

Want this on every error automatically?

GlitchReplay does this on every event you capture. Sentry-SDK compatible, flat-rate pricing, session replay included — built on Cloudflare so a bad deploy will never blow up your bill.

Get started — free Read the docs