PhishGuard is a defensive Chrome and Edge browser extension that automatically scans webpages for phishing risk, shows browser warning banners, scores suspicious URLs, and gives users a clear risk report.
It was upgraded from the original Browser-Phishing-Risk-Analyzer into a polished browser security portfolio project with automatic page scanning, a custom neon shield icon, explainable risk findings, scan history, JSON report export, and Manifest V3 extension support.
PhishGuard is designed to feel like a lightweight browser security tool for students, staff, teachers, and support teams.
When a webpage loads, PhishGuard checks the URL and visible page signals in the background. If the page looks suspicious, it can show a warning banner directly on the page. The user can then click the PhishGuard extension icon to view the full risk report.
PhishGuard can:
- Automatically scan the current webpage
- Show a warning banner on risky pages
- Change the browser extension badge based on risk level
- Scan the current tab manually
- Scan a pasted URL manually
- Score phishing risk from 0 to 100
- Explain why a URL looks suspicious
- Review basic page signals like forms, password fields, and login wording
- Save recent scan history
- Export a JSON risk report
- Support classroom-safe phishing awareness demonstrations
PhishGuard runs automatically when a page loads.
Automatic behavior includes:
- Current-page URL analysis
- Page signal collection
- Extension badge status
- Green
OKbadge for low-risk pages - Yellow
!badge for watch-level pages - Red
!!badge for high-risk pages - On-page warning banner for watch-level and high-risk pages
- Full report available by clicking the extension icon
The popup remains the detailed review panel. The banner gives the user an immediate warning without requiring them to manually open the extension first.
PhishGuard must be loaded into Chrome before it can scan pages.
This GitHub version is installed locally using Chrome Developer Mode. It is not installed from the Chrome Web Store yet.
- Open Chrome.
- Go to:
chrome://extensions
- Turn on Developer mode in the top-right corner.
- Click Load unpacked.
- Select this project folder:
C:\github-audit\PhishGuard-Browser-Threat-And-Link-Risk-Analyzer
- Pin the PhishGuard extension to your browser toolbar.
- Open any webpage.
- PhishGuard will automatically scan the page in the background.
- If the page looks risky, PhishGuard can show a warning banner.
- Click the PhishGuard icon to view the full risk report.
- After changing code, return to
chrome://extensionsand click Reload on the PhishGuard extension.
PhishGuard must also be loaded into Edge before it can scan pages.
- Open Edge.
- Go to:
edge://extensions
- Turn on Developer mode.
- Click Load unpacked.
- Select this project folder:
C:\github-audit\PhishGuard-Browser-Threat-And-Link-Risk-Analyzer
- Pin the PhishGuard extension to your browser toolbar.
- Open any webpage.
- PhishGuard will automatically scan the page in the background.
- If the page looks risky, PhishGuard can show a warning banner.
- Click the extension icon to view the full risk report.
- After changing code, return to
edge://extensionsand click Reload on the PhishGuard extension.
You can also paste a URL directly into the extension popup and click Scan.
This is useful for:
- Classroom demonstrations
- Suspicious links copied from messages
- Links that do not load in the browser
- Explaining warning signs without visiting a real website
PhishGuard reviews indicators such as:
- Non-HTTPS pages
- URL shorteners
- Raw IP address links
- Many subdomains
- Unusual top-level domains
- Long URLs
- Many query parameters
- Urgency wording
- Account or password wording
- Possible brand lookalikes
- Login form signals
- Password input fields
- External link count
PhishGuard is defensive and educational.
It is intended for:
- Browser security awareness
- Student ICT demonstrations
- Defensive URL review
- Portfolio demonstrations
- Helpdesk-style phishing triage examples
It should not be used to generate phishing links, bypass controls, or test systems without permission.
- Chrome/Edge Manifest V3 extension
- Automatic current-page scanning
- Current-tab URL scanning
- Manual URL scanner
- Phishing risk score
- Low Risk / Watch Closely / High Risk labels
- Explainable warning cards
- Extension badge risk status
- On-page warning banner for suspicious pages
- Page signal collection
- Password field and login-signal awareness
- Scan history
- Clear history control
- Export JSON report
- Student safety reminder
- Custom neon shield-and-hook browser icon
- CI validation for manifest and JavaScript files
PhishGuard uses a custom neon yellow shield-and-hook icon to make the extension easier to recognize in Chrome and Edge.
Icon files:
icons/icon-16.pngicons/icon-32.pngicons/icon-48.pngicons/icon-128.png
| File / Folder | Purpose |
|---|---|
manifest.json |
Chrome/Edge extension configuration |
popup.html |
Extension popup UI |
popup.js |
Popup interaction, scan flow, history, and export |
riskEngine.js |
Defensive URL scoring logic |
content.js |
Page signal collector and warning banner injector |
background.js |
Extension lifecycle, badge state, and history clearing |
styles.css |
Popup styling |
icons/ |
Browser extension icon assets |
screenshots/ |
Portfolio screenshots |
.github/workflows/ci.yml |
Extension validation workflow |
Run these checks before pushing changes:
node --check ".\riskEngine.js"
node --check ".\popup.js"
node --check ".\background.js"
node --check ".\content.js"
node -e "JSON.parse(require('fs').readFileSync('manifest.json', 'utf8')); console.log('manifest ok')"PhishGuard demonstrates browser security awareness, explainable risk scoring, frontend security UX, extension development, and defensive phishing education.
It connects naturally to cloud/security support work because phishing is one of the most common entry points for account compromise, helpdesk escalation, and security awareness training.
PhishGuard Browser Threat & Link Risk Analyzer