SecurityShrimp APEX Autor: SecurityShrimp LTD
APEX — the SecurityShrimp Anti-Phishing EXtension. Spot phishing before you fall for it.
Dostępne w Firefoksie na Androida™Dostępne w Firefoksie na Androida™
Metadane rozszerzenia
Zrzuty ekranu
O tym rozszerzeniu
SecurityShrimp APEX (Anti-Phishing EXtension) augments every page you visit
with context-aware warnings that help you spot phishing attempts
before you hand over a password.
It runs entirely in your browser. Nothing is sent to any server. No
telemetry. No accounts. No data collection of any kind.
WHAT IT CHECKS
• Look-alike domains. paypa1.com, goog1e.com, arnazon.com, tvvitter.com
— homoglyph tricks that fool a quick glance get flagged against the
top 20,000 sites on the web.
• Unicode / IDN domains. Punycode-encoded URLs (xn--...) are decoded
and shown so you can see what the address bar is actually rendering.
• Misleading link text. When a link reads "paypal.com" but actually
points at evil.example, a warning appears on hover.
• Insecure connections. HTTP-only sites get a warning before you type
anything sensitive.
• First-time visits. Sites you've never been to before are flagged so
you can pause and verify the address bar before entering credentials.
HOW IT HELPS YOU RECOGNIZE FAMILIAR SITES
Every domain you visit is shown alongside a unique color and emoji
fingerprint, derived locally from the domain name. Your bank, your
email, your work tools — each gets a stable visual signature you'll
start to recognize. If you ever land on a look-alike, the colors and
the emoji will be different, even if the name looks right.
CONFIGURABLE TO HOW YOU WORK
• Show tooltips on every input, only on password fields, or never.
• Whitelist specific sites or wildcards (paypal.com, *.google.com).
• Toggle the misleading-link warnings independently.
PRIVACY
Everything happens on your machine. The extension uses your browser
history (locally) to detect first-time visits, and downloads a public
list of the top 20,000 domains once a week from Majestic to power the
look-alike check. That list arrives bundled so the extension is
useful from the first second after install.
OPEN SOURCE
Source code: https://github.com/SecurityShrimp-LTD/anti-phishing-extension
Licensed GPLv3. Forked from the original ZecOps Anti-Phishing
Extension (unmaintained since 2022) and modernized for Manifest V3.
Found a bug or want to suggest a check? File an issue.
with context-aware warnings that help you spot phishing attempts
before you hand over a password.
It runs entirely in your browser. Nothing is sent to any server. No
telemetry. No accounts. No data collection of any kind.
WHAT IT CHECKS
• Look-alike domains. paypa1.com, goog1e.com, arnazon.com, tvvitter.com
— homoglyph tricks that fool a quick glance get flagged against the
top 20,000 sites on the web.
• Unicode / IDN domains. Punycode-encoded URLs (xn--...) are decoded
and shown so you can see what the address bar is actually rendering.
• Misleading link text. When a link reads "paypal.com" but actually
points at evil.example, a warning appears on hover.
• Insecure connections. HTTP-only sites get a warning before you type
anything sensitive.
• First-time visits. Sites you've never been to before are flagged so
you can pause and verify the address bar before entering credentials.
HOW IT HELPS YOU RECOGNIZE FAMILIAR SITES
Every domain you visit is shown alongside a unique color and emoji
fingerprint, derived locally from the domain name. Your bank, your
email, your work tools — each gets a stable visual signature you'll
start to recognize. If you ever land on a look-alike, the colors and
the emoji will be different, even if the name looks right.
CONFIGURABLE TO HOW YOU WORK
• Show tooltips on every input, only on password fields, or never.
• Whitelist specific sites or wildcards (paypal.com, *.google.com).
• Toggle the misleading-link warnings independently.
PRIVACY
Everything happens on your machine. The extension uses your browser
history (locally) to detect first-time visits, and downloads a public
list of the top 20,000 domains once a week from Majestic to power the
look-alike check. That list arrives bundled so the extension is
useful from the first second after install.
OPEN SOURCE
Source code: https://github.com/SecurityShrimp-LTD/anti-phishing-extension
Licensed GPLv3. Forked from the original ZecOps Anti-Phishing
Extension (unmaintained since 2022) and modernized for Manifest V3.
Found a bug or want to suggest a check? File an issue.
Ocenione na 0 przez 0 recenzentów
Uprawnienia i dane
Wymagane uprawnienia:
- Mieć dostęp do historii przeglądania
- Mieć dostęp do kart przeglądarki
- Mieć dostęp do danych użytkownika na wszystkich stronach
Opcjonalne uprawnienia:
- Mieć dostęp do danych użytkownika na stronie „downloads.majestic.com”
Zbieranie danych:
- Autorzy tego rozszerzenia twierdzą, że nie wymaga ono zbierania danych.
Więcej informacji
- Strony dodatku
- Wersja
- 2.1.1
- Rozmiar
- 261,72 KB
- Ostatnia aktualizacja
- 16 godzin temu (1 cze 2026)
- Powiązane kategorie
- Historia wersji
- Dodaj do kolekcji