A modern Chrome extension that uses multi-layer detection (heuristics, optional ML, and API checks) to help identify potential phishing websites and keep users informed while browsing. The included dashboard provides a polished view of detections, stats, and settings.
Dashboard (static demo for UI): https://customphishingdetection.netlify.app/dashboard.html
- URL analysis (domain, subdomains, TLD, structure, IP-in-URL, entropy)
- Content analysis (forms, password fields, hidden elements, suspicious text)
- SSL indicators (HTTPS presence, simulated certificate checks)
- Optional reputation lookups (Google Safe Browsing, VirusTotal, PhishTank)
- Domain whitelist (skip trusted domains)
- Real-time analysis on page load
- Heading
- Centered title “Phishing Detection Dashboard” with animated shield icon
- Analysis metrics
- Safe URLs, Suspicious URLs, Phishing Attempts, Detection Rate
- Detection Summary
- Visual distribution bars and legend for Safe / Suspicious / Dangerous
- URL Check
- Robust input handling for any URL length (e.g., https://www.instagram.com/)
- Validates and displays long URLs smartly: full value is assessed; display is truncated for readability
- Recent Detections
- List/table with score, timestamp, and status chips
- API Configuration
- Buttons/flows for configuring and testing integrations
- Threat Intelligence
- Geographic Insights, Target Analysis, AI Defense Performance (live-style metrics)
Note: The demo shows the final UI/UX. Some detection pipelines use simulated data unless API keys are provided (see Settings > API Integration).
- Clone or download this repository
- Open Chrome and go to chrome://extensions
- Enable “Developer mode”
- Click “Load unpacked” and select the project folder
- Pin the extension and open a webpage to see scanning in action
- activeTab, scripting, webNavigation: run analysis at page load and exchange messages between scripts
- storage: persist settings, history, whitelist, and API configuration
- host_permissions: currently set to <all_urls> for demo coverage; narrow as needed for your deployment
- Open the extension’s Options (Settings) page
- Enter API keys if you want real reputation checks (Google Safe Browsing, VirusTotal, PhishTank)
- Toggle “Use enhanced detection” to enable the ML + API pipeline
- Manage your trusted domains whitelist
- content.js gathers page signals and triggers analysis
- background.js orchestrates basic heuristics and, when enabled, enhanced_detection.js
- enhanced_detection.js combines features (feature_extractor.js), optional ML scoring (ml_model.js), and API lookups (api_integration.js)
- popup shows the current page score; dashboard provides a full, visual overview
- Manifest v3, JS modules, no bundler required
- Key files:
- background.js, content.js, popup.{html,css,js}
- dashboard.{html,css,js}
- enhanced_detection.js, feature_extractor.js, ml_model.js, api_integration.js
- Demo uses simulated ML/API values unless keys are set; logic is structured for easy real-service wiring
Contributions are welcome! Please see CONTRIBUTING.md and our CODE_OF_CONDUCT.md.
If you discover a security issue, please follow our SECURITY.md to report it responsibly.
Licensed under MIT. See LICENSE. Attributions and third‑party notices are listed in NOTICE.md.
This project is for educational and research purposes. While it attempts to detect phishing websites, it cannot guarantee 100% accuracy. Exercise caution when entering sensitive information online.