Security Wave is a browser extension designed to enhance your web browsing safety by detecting and blocking access to malicious, phishing, and suspicious domains in real time. It leverages curated datasets and advanced detection logic to protect users from online threats.
- Real-Time Domain Scanning: Automatically scans visited domains and blocks access to known malicious, phishing, and suspicious sites.
- Trusted Domains Management: Allows users to maintain a list of trusted domains that are always allowed.
- Customizable Settings: Configure API endpoints and detection preferences via the options page.
- Visual Indicators: Badge and popup UI provide instant feedback on site safety.
- Parental Controls: Optional parental control features to restrict access to unsafe content.
- Multi-language Support: Localized messages for enhanced accessibility.
.
├── badge.js # Badge logic for browser toolbar
├── config.js # Configuration settings
├── manifest.json # Extension manifest
├── worker.js # Background worker for detection
├── _locales/ # Localization files
├── data/
│ ├── icons/ # Extension icons
│ ├── inject/ # Content scripts and detection logic
│ │ ├── api-config.js # API configuration
│ │ ├── phishingScan.js # Phishing detection logic
│ │ ├── suspiciousDomains.js # Suspicious domain logic
│ │ ├── block/ # UI for blocked pages
│ │ └── datasets/ # Domain datasets (malware, phishing, etc.)
│ └── ...
├── options/ # Options page UI and logic
├── popup/ # Popup UI and logic
├── ui/ # Additional UI components
├── *.md # Documentation files
- Malware Domains: List of domains known to distribute malware.
- Phishing Domains: List of domains used for phishing attacks.
- Suspicious Patterns: Regex patterns and heuristics for suspicious URLs.
- Trusted Domains: User-managed list of always-allowed domains.
- Domain Interception: The extension intercepts web requests and checks the domain against its datasets.
- Detection: If a domain matches a malicious or suspicious entry, access is blocked and a warning is shown.
- User Control: Users can whitelist trusted domains or adjust detection settings via the options page.
- Feedback: The badge and popup provide real-time feedback on the current site's safety status.
- Clone or download this repository.
- Open your browser's extension management page (e.g.,
chrome://extensions/). - Enable "Developer mode".
- Click "Load unpacked" and select the project directory.
- The extension should now be active in your browser.
- Click the extension icon to view the popup and see the current site's status.
- Use the options page to configure settings and manage trusted domains.
- Blocked sites will display a warning page with details.
- Add new detection logic: Edit or add scripts in
data/inject/. - Update datasets: Modify files in
data/inject/datasets/. - UI changes: Update HTML/CSS/JS in
options/,popup/, orui/folders. - Localization: Add or edit files in
_locales/.
Contributions are welcome! Please open issues or submit pull requests for bug fixes, new features, or improvements.
This project is licensed under the MIT License.
- Open source security datasets
- Browser extension development community
For more details, see the documentation files in this repository.