A Chrome extension that helps detect potential phishing domains using advanced risk scoring algorithms. The extension analyzes various aspects of a domain including entropy, SSL certificates, and similarity to legitimate domains to determine its risk level.
- Real-time domain risk analysis
- Risk scoring on a scale of 0-10
- Visual indicators for different risk levels (Low, Medium, High)
- Detailed explanations for risk factors
- Domain similarity checking against known legitimate domains
- Entropy-based analysis for detecting DGA (Domain Generation Algorithm) domains
- Clone this repository or download it as a ZIP file
- Open Chrome and go to
chrome://extensions/ - Enable "Developer mode" in the top right corner
- Click "Load unpacked" and select the extension directory
- Click the extension icon in your Chrome toolbar while on any website
- The extension will automatically analyze the current domain
- View the risk score and detailed explanations
- Pay attention to any warnings or suspicious patterns detected
- 0-3.9: Low Risk (Green)
- 4-6.9: Medium Risk (Yellow)
- 7-10: High Risk (Red)
The extension uses several methods to analyze domains:
- Levenshtein distance for string similarity
- Jaccard similarity for n-gram comparison
- Shannon entropy calculation
- SSL certificate verification
- Known legitimate domain comparison
manifest.json: Extension configurationpopup.html: Extension UIpopup.js: UI logicbackground.js: Core analysis logicdata/legit_domains.txt: List of known legitimate domains
To modify the extension:
- Make your changes to the relevant files
- Go to
chrome://extensions/ - Click the refresh icon on the extension card
- Test your changes
Feel free to submit issues and enhancement requests!