SecureLint – Secret Masking & Phishing Shield

Masks API keys, passwords & secrets in real-time. Blocks phishing, malware & data leaks. Enterprise DLP & browser security.

🔒 SECURELINT – SENSITIVE DATA PROTECTOR & PHISHING SHIELD SecureLint automatically detects and masks sensitive data — API keys, passwords, tokens, credentials, and personal information — as you type or paste into any web-based editor. It also blocks phishing sites, malware domains, and IT-restricted websites in real-time before they can reach you. ──────────────────────────────────────── 🌟 KEY FEATURES ──────────────────────────────────────── 🔍 Universal Editor Support Works across all major web editors and platforms: • Standard inputs, textareas, and contenteditable elements • Rich text editors: CodeMirror, Monaco, Ace, TinyMCE, CKEditor • Popular productivity, project management, email, and coding platforms 🎨 Editor Overlay • A subtle icon appears at the bottom-right of any active editor • Shows a live count of detected secrets, color-coded by severity • Hover to see exactly what was detected and the risk level • Non-intrusive — disappears when you are not in an editor 🛡️ Real-Time Phishing & Malware Protection • Blocks dangerous sites BEFORE they load using a 2.5M+ domain blocklist • 14-layer detection engine: bloom filter, URL heuristics, homograph/IDN analysis, typosquat detection, domain-age check, SSL certificate validation, and public transparency report checks • Page-content scanning for credential-harvesting, crypto-drainer, and social-engineering language • Beautiful warning page shows trust score, domain age, SSL status, blocklist status, and detailed detection reasons • If public safety checks confirm a site is safe, it is automatically unblocked — zero false positives from local heuristics 📧 Webmail Protection • Detects and masks secrets typed or pasted into email compose fields • Shows a DLP warning if sensitive content is detected before you send • Checks whether the email is addressed outside your organisation (Enterprise only) • All checks are local — no email body content is ever transmitted 🔗 Hovered Link Safety Score • Hover over any link to see an instant threat score before you click • Scans the domain in the background using GTR reputation, SSL checks, and local blocklist • Lightweight tooltip — safe score shown in milliseconds 🚨 4-Level Risk Classification • 🔴 Critical – Private keys, cloud provider credentials, certificate secrets • 🟠 High – Passwords, API keys, OAuth tokens, database URLs • 🟡 Medium – Emails, phone numbers, national ID numbers, connection strings • 🔵 Low – Generic tokens, test credentials, low-risk identifiers 🧠 Context-Aware Masking • Development Mode: Shows partial secrets (sk-1234****5678) for debugging • Content Writing Mode: Full masking (***API_KEY***) for blogs and documents • Automatically detects which mode applies based on URL, element type, and content ⚙️ Fully Configurable • Toggle detection globally or per-site • Set minimum severity level for auto-masking • Choose masking style: Smart, Full, Compliance-Safe, or Context-Aware • Exclude specific websites from scanning • Export detection reports 🔐 100+ Detection Patterns including: • Major cloud provider credentials and access keys • JWT tokens, OAuth access/refresh tokens • Database connection strings (relational, NoSQL, in-memory) • Private keys and certificates (RSA, EC, PGP) • Payment, messaging, and developer service API key formats • National ID numbers, credit card patterns, and PII ──────────────────────────────────────── 🏢 ENTERPRISE & PRO — FOR IT & SECURITY TEAMS ──────────────────────────────────────── SecureLint includes Pro and Enterprise tiers designed for organisations: 🚫 WAF Social & Content Blocking (Pro & Enterprise) • IT administrators define a blocklist of domains (social media, streaming, non-work sites) via the SecureLint admin panel • Users on managed devices are instantly blocked when navigating to listed domains — no page content loads • Domain lists sync every 60 seconds so policy changes take effect immediately • Domain-list blocks cannot be bypassed by end users 📧 Email DLP — Outbound Data Loss Prevention (Enterprise) • Monitors outbound emails on webmail clients for personal or non-approved recipient domains • Warns or blocks sending based on your IT security policy (WARN / BLOCK mode) • 50-second countdown warning with regulatory references (GDPR, DPDP Act, IT Act, CCPA) • Automatically adds the IT admin address to BCC if the user proceeds after a warning • Only recipient addresses are checked — email body and subject are never read or transmitted 🔞 Adult-Content Detection (Enterprise) • When enabled by IT, the extension scans visible page text locally for adult/explicit content • Pages with explicit material are blocked with a policy warning • No page content is ever transmitted — scanning is 100% in-browser 🛡️ Enterprise Incident Reporting • IT administrators can enable centralised incident reporting from within the extension settings • When enabled, the extension sends masked detection reports to the organisation's SecureLint security dashboard • Reports include: secret type, severity level, masked preview (e.g. AKIA****XXXX), page URL and title, and employee email — RAW SECRET VALUES ARE NEVER SENT • Allows the IT/security team to: – Detect recurring leak patterns across the organisation – Alert the employee and trigger secret rotation before damage occurs – Meet compliance and DLP (Data Loss Prevention) requirements • This feature is OFF by default — only an IT admin can enable it • Employees are notified via a visible "Enterprise Reporting ACTIVE" banner inside the extension popup ──────────────────────────────────────── 🔏 PRIVACY ──────────────────────────────────────── For Free and Pro individual users: • All detection, masking, and phishing checks happen 100% locally in your browser • No page content, typed text, or detected secrets are ever sent to any server • Phishing checks use only public, keyless transparency report endpoints — no user data is sent, only the URL is queried • Only your extension settings are synced if you create an optional account For Enterprise users: • Masked incident reports are sent to your organisation's admin dashboard only when your IT admin explicitly enables this • Domain lists are fetched from your organisation's settings via authenticated HTTPS • Raw secret values and page content are never transmitted — only masked previews and metadata • Full disclosure: https://securelint.in/privacy.html ──────────────────────────────────────── 👥 WHO IS THIS FOR? ──────────────────────────────────────── ✅ Developers – Catch hardcoded secrets before they leak in code reviews or collaboration tools ✅ Security Engineers – Enforce secret hygiene across teams working in web tools ✅ Content Writers – Mask sensitive info before pasting into documents or emails ✅ DevOps Teams – Prevent credentials from appearing in chat or ticket systems ✅ IT Admins – Deploy enterprise-wide DLP with centralised incident visibility, phishing protection, and site blocking ✅ Remote Workers – Stay protected from phishing and social engineering on managed devices ──────────────────────────────────────── 📋 PERMISSIONS EXPLAINED ──────────────────────────────────────── SecureLint requests only the permissions it needs: • Access to all websites: Required to detect secrets on any site and to run phishing checks on navigated URLs. All scanning is local. • Storage: Saves your settings, cached scan results, and domain lists locally. • Scripting: Reads visible page text locally for phishing content analysis and enterprise content scanning. Text is processed in-browser and never transmitted. • Web Navigation: Monitors navigation events to block known phishing domains before pages load and run security scans after pages load. • Tabs: Sends setting updates to open tabs and reads the active tab URL for phishing detection context. • Active Tab: Allows the popup to display live detection stats for the current page. • Alarms: Schedules periodic settings sync (every 60 seconds) and storage cleanup. • Notifications: Alerts you when a critical secret is detected (optional, can be disabled). • Downloads: Used only if you export a detection report to a file on your device. • Context menus: Adds "Scan page for secrets" and "Mask selected text" right-click options. Full permission and privacy details: https://securelint.in/privacy.html ──────────────────────────────────────── 🔗 LINKS ──────────────────────────────────────── • Website: https://securelint.in • Privacy Policy: https://securelint.in/privacy.html • Support / Feedback: support@securelint.in • Manifest V3 · Minimum Chrome 88+