https://github.com/anvilsecure/hominoid

Proof of concept for an anti-phishing browser plugin, working by comparing pages screenshots with perceptual hashing algorithms.
https://github.com/anvilsecure/hominoid

browser-extension perceptual-hashing phishing proof-of-concept security

Last synced: 5 months ago
JSON representation

Proof of concept for an anti-phishing browser plugin, working by comparing pages screenshots with perceptual hashing algorithms.

• Host: GitHub
• URL: https://github.com/anvilsecure/hominoid
• Owner: anvilsecure
• License: lgpl-2.1
• Created: 2019-07-17T13:37:59.000Z (almost 7 years ago)
• Default Branch: main
• Last Pushed: 2022-04-03T18:03:06.000Z (about 4 years ago)
• Last Synced: 2025-02-02T15:33:42.812Z (over 1 year ago)
• Topics: browser-extension, perceptual-hashing, phishing, proof-of-concept, security
• Language: HTML
• Homepage: https://www.anvilsecure.com/blog/silly-proof-of-concept-anti-phishing-using-perceptual-hashing-algorithms.html
• Size: 2.03 MB
• Stars: 11
• Watchers: 4
• Forks: 3
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Funding: .github/FUNDING.yml
  • License: LICENSE

Awesome Lists containing this project

README

          
You can read more details about this proof of concept on the introductory blog post: 

https://www.anvilsecure.com/blog/silly-proof-of-concept-anti-phishing-using-perceptual-hashing-algorithms.html

# What is this?

A usable proof-of-concept for a browser extension that checks if a malicious site is trying to impersonate a valid one. 

Its main features are:

- Local database: there is no central database, all information is kept in the user’s browser.

- Work with what the user sees: Hominoid flags malicious sites that look similar to the real ones, regardless of their code.

- Private sites: as all computations are done in the user’s browser, there is no difference between public and private sites. All of them can be analyzed accordingly. 

- Better control: as the plugin resides in the user’s browser, it can be configured to analyze only pages with certain characteristics. For example a login form, a credit card field, etc.

# Getting Started

Run the following commands to install dependencies and start developing

```

yarn install

yarn dev

```

  Loading the extension in Google Chrome

In [Google Chrome](https://www.google.com/chrome/), open up [chrome://extensions](chrome://extensions) in a new tab. Make sure the `Developer Mode` checkbox in the upper-right corner is turned on. Click `Load unpacked` and select the `dist` directory in this repository - your extension should now be loaded.

![Installed Extension in Google Chrome](https://i.imgur.com/ORuHbDR.png "Installed Extension in Google Chrome")

  Loading the extension in Brave

In [Brave](https://brave.com/), open up [brave://extensions](brave://extensions) in a new tab. Make sure the `Developer Mode` checkbox in the upper-right corner is turned on. Click `Load unpacked` and select the `dist` directory in this repository - your extension should now be loaded.

![Installed Extension in Brave](https://i.imgur.com/z8lW02m.png "Installed Extension in Brave")

  Loading the extension in Mozilla Firefox

In [Mozilla Firefox](https://www.mozilla.org/en-US/firefox/new/), open up the [about:debugging](about:debugging) page in a new tab. Click the `Load Temporary Add-on...` button and select the `manfiest.json` from the `dist` directory in this repository - your extension should now be loaded.

![Installed Extension in Mozilla Firefox](https://i.imgur.com/gO2Lrb5.png "Installed Extension in Mozilla Firefox")