SentinelDLP — by Kerr

Auto-redact sensitive data before pasting anywhere. By Kerr (github.com/kerr20801)

🛡️ SentinelDLP — Local Data Loss Prevention for Your Browser We've all seen it: a developer accidentally pastes a debug snippet, configuration file, or log into Slack, Discord, Teams, or a GitHub issue, only to realize later that it contained a database password, a private IP, or a production API token. It’s not malicious — it’s just habit. Training doesn't override habit. Tooling does. SentinelDLP safely hooks into paste events and scans for 18 sensitive data types locally in your browser memory before your text lands anywhere. 💡 Key Features: • Zero Telemetry & Privacy First: Everything stays on your machine. Your clipboard contents are never uploaded, logged, or sent to any external server. • Pure Performance: Built with Vanilla JS (Manifest V3) with zero dependencies. Light, fast, and secure. • Interactive Control: When sensitive data is detected, an overlay instantly shows what was caught and provides a sanitized version ready to copy. You choose whether to proceed or paste the clean text. 🌐 Scans for 22+ Sensitive Data Types: - Private IPs (10.x / 192.168.x / 172.16-31.x) - SSH Targets (root@ip, etc.) - GitHub / GitLab Tokens - AWS Access Keys - JWT Tokens - Telegram Bot Tokens - Connection Strings (PostgreSQL, Redis, MongoDB, etc.) - Private Key Headers (SSH, SSL/TLS) - FortiGate ENC, PSK, and heuristic password fields - Credit Cards (Visa, Mastercard, Amex, UnionPay, JCB) - IBAN / SWIFT Codes (International Bank Account) - Taiwan Bank Accounts & Phone Numbers - Internal Domains & Sensitive Linux Paths This is an open-source tool that brings critical DLP capabilities to where leaks happen most—your browser input fields. --- 🛡️ SentinelDLP — 防止敏感憑證外洩的在地端網頁防護工具 工作上遇過太多次這個場景：同事在除錯（Debug）時把系統日誌或設定檔貼進通訊軟體，裡面卻夾著 Redis 密碼、內網 IP 或雲端 API Token。這不是故意的，就只是純粹的習慣動作。 教育訓練擋不住習慣，但自動化工具可以。 SentinelDLP 在你按下貼上的那一刻，會自動在瀏覽器記憶體內掃描並過濾 18 種常見的敏感資料，防止機密意外流出。 💡 核心優勢： • 絕對隱私（Zero Telemetry）：不儲存、不上傳剪貼簿，所有掃描與分析全程在您的地端電腦內完成。 • 極致輕量：純 JavaScript 開發（Manifest V3），零外部依賴、無框架包袱。 • 完整主導權：偵測到敏感資訊時會跳出浮層提示，顯示找到的威脅並自動產生「消毒過的安全版本」供您快速複製。您可以自由決定要貼上原始內容還是安全版。 🌐 支援掃描的 22 種敏感資料類型： - 私有 IP 位址（10.x / 192.168.x / 172.16-31.x） - SSH 連線目標（如 root@192.168.1.10） - GitHub / GitLab Token - AWS Access Key - JWT Token - Telegram Bot Token - 資料庫連接字串（PostgreSQL、Redis、MongoDB 等） - Private Key 私鑰標頭 - FortiGate ENC、PSK 與啟發式（Heuristic）密碼欄位 - 信用卡號（Visa / Mastercard / Amex / 統一發卡 / JCB） - 國際銀行帳戶（IBAN / SWIFT 關鍵字） - 台灣本地銀行帳號與行動電話號碼（關鍵字觸發） - 內網網域與系統敏感路徑（/etc/ssl、/root/ 等） 這類防護本該是瀏覽器的預設功能，既然官方沒做，我們用開源工具幫自己和團隊加上這道安全紅線。