Visilant

Protection against Homograph Attack & Clone Phishing based on your site visiting statistics

Visilant is a lightweight, open-source extension designed to protect you from phishing sites and homograph attacks. It helps you spot fake websites that try to steal your credentials by visually mimicking legitimate services. How it works: Most phishing websites are those you have never visited or visit very rarely. Visilant tracks your visit history locally and provides immediate visual cues when you interact with an "unfamiliar" site. Unlike traditional antivirus solutions, it can alert you about phishing sites the moment they are created, without waiting for blacklist updates. Key Features: * Homograph Protection: Visilant highlights the actual domain name and supports Punycode display to prevent attacks where special characters look like Latin letters (e.g., a fake amazon.com). * Interactive Dashboard: Click the icon to view detailed visit statistics, sort your site history, and adjust display settings on the fly. * Hardened Security: Includes anti-tampering protection that detects and alerts you if a malicious website attempts to disable or hide the extension. GETTING STARTED 1. Install the extension. 2. (Highly Recommended) Pin the Visilant icon to your browser toolbar for constant visibility. 3. Click the Visilant icon to open the Dashboard (Popup). 4. Click the Settings (gear) icon to configure preferences. 5. Import your browser history to initialize the visit counter. This drastically reduces false positives for sites you already use. CONFIGURATION INCLUDES: 1. Safety Threshold: How many visits make a site "familiar" (default is 10). 2. Display & Sorting: * Toggle Domain Highlighting to easily spot the real domain extension. * Switch between Unicode and Punycode for international domains. * Sort site history by name or visit count. 3. Notifications: * Triggers: Typing, copying, or both. * Style: Browser notifications, in-page warnings, or both. PRIVACY & PERMISSIONS Visilant is open-source and operates locally: 1. All data remains on your computer. Nothing is sent to external servers. 2. Permissions: * Tabs, Storage, Host Permissions: Required for core functionality (tracking visits, detecting inputs). * Notifications: Required to alert you if a malicious site attempts to tamper with the extension. * Browser History: Optional. Required only if you choose to import history (recommended). LIMITATIONS 1. Not a Malware Blocker: Visilant focuses on social engineering and spoofing. It does not block malware downloads or trackers. 2. Relies on Awareness: The extension warns you, but you must decide to act on that warning. 3. False Positives and Negatives: Legitimate sites with low visit counts may trigger warnings (false positives), while phishing sites visited repeatedly (or hijacked sites) may go unflagged (false negatives). 4. Script Injection: Visilant injects a script to detect inputs. While the extension includes Anti-Tampering Protection to detect if a site tries to remove this script, pinning the extension icon remains the most reliable visual indicator.