Pricing

Pay per usage

Nhost Security Scanner — Find public Hasura GraphQL leaks

Probes a public Nhost project's Hasura GraphQL endpoint for tables readable by anon role. Detects the #1 cause of Nhost data leaks: forgotten Hasura permission policies. Returns table-level counts + curl reproducer. Counts only.

Pricing

Pay per usage

Rating

0.0

(0)

Developer

Renzo Madueno

Actor stats

Bookmarked

Total users

Monthly active users

5 days ago

Last modified

Categories

Developer tools

This Actor‘s pricing details are outlined in the table below. The unit prices you pay depend on your Apify subscription plan, with higher tiers offering better rates. Visit our pricing page to compare plans and see how much you can save.

Pricing	Free No discount	Starter Bronze discount	Scale Silver discount	Business Gold discount
Compute units (CU)	$0.20 / CU	$0.20 / CU	$0.16 / CU	$0.13 / CU
Actor RAM	8 GB	32 GB	128 GB	256 GB
Max concurrent runs	25	32	128	256
Rented Actors		Deducted from prepaid usage	Deducted from prepaid usage	Deducted from prepaid usage
Residential proxies	$8.00 / GB	$8.00 / GB	$7.50 / GB	$7.00 / GB
Datacenter proxies	5 IPs included	30 IPs included then $1.00 / IP	200 IPs included then $0.80 / IP	500 IPs included then $0.60 / IP
SERPs proxy	$2.50 / 1,000 SERPs	$2.50 / 1,000 SERPs	$2.00 / 1,000 SERPs	$1.70 / 1,000 SERPs

This Actor's pricing details are outlined in the table below. The unit prices you pay depend on your Apify subscription plan, with higher tiers offering better rates. Visit our pricing page to compare plans and see how much you can save.

Costs
Platform usage Platform usage costs are tied to the Actor's performance in terms of the underlying platform resources it consumes. Learn more	Variable costs cheaper for higher plans.

Hasura Security Audit - Find Open Anonymous Roles (Nhost) Free

renzomacar/nhost-security-auditor

Audit any Hasura instance (self-hosted or Nhost) for tables with anonymous-role permissions, missing column filters, and unprotected mutations. Live GraphQL probe confirms what's exposed. HTML report with paste-ready permission snippets. Free.

Renzo Madueno

Supabase RLS Security Scanner — Find anonymous data leaks

renzomacar/supabase-rls-scanner

Probes a public Supabase project for Row-Level-Security misconfigurations. Detects tables readable by the anon key — the #1 cause of Supabase data leaks. Returns row counts + a curl reproducer per finding. Counts only, no row data exfiltrated.

Renzo Madueno

Appwrite Security Scanner — Find public collection leaks

renzomacar/appwrite-security-scanner

Probes a public Appwrite project for collection permission misconfigurations. Detects collections readable by guest role via /v1/databases/*/collections/*/documents. Returns counts + curl reproducer. Counts only, no data exfiltrated.

Renzo Madueno

Firebase Security Scanner — Detect public Firestore/RTDB leaks

renzomacar/firebase-security-scanner

Probes a public Firebase project for misconfigured Security Rules. Detects Firestore collections and Realtime Database paths readable without auth — the #1 cause of Firebase data leaks. Returns counts + curl reproducer per finding. Counts only, no data exfiltrated.

Renzo Madueno

PocketBase Security Scanner — Find public collection leaks

renzomacar/pocketbase-security-scanner

Probes a public PocketBase instance for misconfigured collection rules. Detects collections readable without auth via /api/collections/*/records. Returns counts + curl reproducer. Counts only, no data exfiltrated.

Renzo Madueno

GraphQL Extractor

jupri/graphql-extractor

💫 Universal GraphQL Scraper

cat

Supabase Security Audit - Find RLS Leaks Free

renzomacar/supabase-security-auditor

Audit any Supabase project for missing RLS, public tables, dangerous SECURITY DEFINER functions, public storage buckets, and over-permissive policies. Active anon probe confirms live leaks. HTML report with paste-ready fix SQL. Read-only token, never persisted. Free.

Renzo Madueno

Appwrite Security Audit - Find Public Collections Free

renzomacar/appwrite-security-auditor

Audit any Appwrite project (cloud or self-hosted) for collections with over-permissive document-level permissions, public reads, and anonymous writes. Active anon fetch confirms live leaks. HTML report with paste-ready fix snippets. Free.

Renzo Madueno

Leetcode Graphql Apify Actor

euphoric_melody/leetcode-graphql-apify-actor

Kapil

PocketBase Security Audit - Find Open API Rules Free

renzomacar/pocketbase-security-auditor

Audit any PocketBase instance for collections with empty (public) list/view/create/update/delete rules and over-permissive endpoints. Active anon fetch confirms live leaks. HTML report with paste-ready collection rule snippets. Free.

Renzo Madueno