Google Gemini API Key Tester

This tester validates a Google Gemini API key by making a real authentication call to the Gemini API and listing every model your key can access alongside its context window and token limits. The key never leaves your browser — the request is fired directly to Google, not via Vulnsy. Useful for auditing leaked keys discovered during pentests, or sanity-checking a new key without writing throwaway code.

A valid key matches the format AIzaSy[A-Za-z0-9_-]{33}; if your input doesn't match, the tester rejects it locally before sending any request, saving an unnecessary API call.

Google Gemini API Key

Your key is sent directly to Google's API from your browser. It never touches our servers.

Enter your API key and click "Test Key" to validate it

Features

Instant Validation

Tests your key against Google's Gemini API with a real request to confirm it works.

Model Discovery

Lists all Gemini models your key has access to, including input and output token limits.

100% Client-Side

Your API key is sent directly to Google from your browser. It never touches our servers.