365DevNet/EnterpriseAppProtection
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
EnterpriseAppProtection/README.md
becarta ba83c95914 feat: Add Enterprise App Protection extension with settings and popup UI 
- Implement manifest.json for Chrome extension with necessary permissions and background scripts.
- Create options.html for user settings including Google Safe Browsing API key, domains database URL, update interval, and warning message template.
- Develop options.js to handle loading and saving settings using Chrome storage.
- Design popup.html to display suspicious links and provide options to update the database and manage domains.
- Implement popup.js to manage interactions in the popup, including updating the database and resetting the suspicious links counter.
- Add testsite.html for dynamic testing of the extension with both official and fake links.
2025-05-10 03:25:49 +02:00

5.5 KiB
Raw Permalink Blame History

Enterprise App Protection

🔍 What This Extension Does

Protect yourself and your organization from phishing attacks that impersonate common enterprise applications like DocuSign, Salesforce, Microsoft 365, and hundreds more. This extension:

  • Automatically scans links in your browser and emails in real time
  • Alerts you when a link claims to be from a trusted enterprise app but leads to an unofficial domain
  • Uses Google Safe Browsing API to detect phishing and malware threats beyond known fake domains
  • Maintains an up-to-date database of legitimate enterprise application domains
  • Detects dynamically added links (e.g., in Outlook Web, Teams, SharePoint)
  • Works with 150+ enterprise applications
  • Functions completely offline after initial setup (except for Safe Browsing checks)

Enterprise App Protection Screenshot

⚙️ How It Works

When you visit a webpage or open an email, the extension:

  1. Scans all links and detects if any enterprise applications (like "DocuSign" or "Salesforce") are mentioned
  2. Verifies if the associated links actually go to official domains
  3. Checks Google Safe Browsing to detect malware and phishing links not in its internal database
  4. Detects links inside dynamically loaded content (like Outlook Web, Microsoft Teams, SharePoint)
  5. Shows a clear warning if a potential impersonation attempt is detected

🔐 Privacy & Security

  • Zero Data Collection: This extension does not collect, store, or transmit any personal data, browsing history, or email content.
  • Completely Offline: After initial installation, all domain checks are performed locally on your device.
  • No Cloud Processing: All link analysis happens directly in your browser.
  • Uses Google Safe Browsing API: Checks URLs against Googles real-time phishing and malware database.
  • Open Source: All code is available for review.

🚫 What This Extension Doesn't Do

  • Does NOT access, read, or store your email content or attachments.
  • Does NOT track your browsing history.
  • Does NOT require an account or registration.
  • Does NOT send any data back to our servers.
  • Does NOT modify or alter any content—it only shows warnings.
  • Does NOT prevent you from visiting any websites.

🔹 Trusted & Blocked Domains

  • Trusted Domains: These domains are always allowed and will not be flagged.
  • Blocked Domains: These domains will always be marked as unsafe.

To modify trusted/blocked domains:

  1. Open the extension options page.
  2. Add or remove domains under "Trusted Domains" or "Blocked Domains".
  3. Click "Update Database" to apply changes.

🔍 Google Safe Browsing API

This extension integrates with Google Safe Browsing to detect additional phishing and malware sites.
If Google does not recognize a site as unsafe, it will not be flagged unless it is in the blocked domains list.

🔹 Report new phishing domains to GoogleSubmit a phishing site

👥 Perfect For

  • Business professionals who regularly use enterprise applications
  • IT security teams looking to protect their organizations
  • Anyone concerned about phishing attacks targeting business services
  • Organizations using multiple cloud-based enterprise applications
  • Microsoft 365 users (Outlook, Teams, SharePoint) who want extra security

🖥️ System Requirements

  • Google Chrome 88+ / Microsoft Edge 88+
  • Works with Microsoft Outlook Web, Teams, and SharePoint
  • Internet connection required for Safe Browsing checks (optional)

🛠️ Troubleshooting

Why is a suspicious site not flagged?

  • It might not be in the domains.json database.
  • Google Safe Browsing does not recognize it as a phishing site.
  • The domain may be a legitimate subdomain of an official service.

Why is a link incorrectly flagged?

  • If the link contains a word matching an app name but is not actually phishing.
  • You can add the domain to "Trusted Domains" in the options page.

🔥 Latest Updates

Final Version Features

  • Dynamic Link Scanning: Detects phishing links inside emails, Teams, and SharePoint without reloading the page.
  • 🎯 Google Safe Browsing Support: Detects additional phishing sites beyond known fake domains.
  • 🛡️ Improved Matching: Ensures only full app names trigger warnings.
  • 🚀 Optimized Performance: No duplicate warnings, reduced false positives.
  • 📡 No More Debugging Logs: Production-ready version with clean console logs.

Screenshots

🔧 Settings Page

The settings page allows users to configure the Google Safe Browsing API key and manage trusted and blocked domains. Users can enter domains manually to whitelist or blacklist specific sites.

Settings Page

⚠️ Extension Popup

The extension popup provides real-time feedback when navigating websites. If a domain is flagged as unsafe, the user receives an alert, helping to prevent phishing and malicious activity.

Extension Popup