PhishPal Icon

🛡️ PhishPal

Your friendly anti-phishing Chrome extension, real-time threat detection on every link

Chrome Extension Railway Backend API NEW VirusTotal Integration JavaScript ES6+ Manifest V3 Real-time Scanning

🚀 Key Features

🔍 On-Hover Scanning

PhishPal adds a "🔍 Scan" button when you hover over any HTTP/HTTPS link. One click instantly checks the URL's reputation through the secure backend API.

🚦 Visual Risk Indicators

Color-coded results at a glance:

  • 🟢 Safe no threats detected
  • 🟡 Suspicious flagged by some engines
  • 🔴 Dangerous malicious content detected
  • Error scan failed or API issue

📊 Detailed Tooltips

Hover over result markers to see full VirusTotal stats, malicious, suspicious, harmless, and undetected counts from dozens of security engines.

⚡ Enhanced Performance

The Railway backend handles API rate limiting, caching, and optimization. No VirusTotal API key needed, everything works out of the box.

🏗️ Architecture

🌐

Chrome Extension

Content & Background Scripts

🚀

Railway Backend

Express.js API Server

🔍

VirusTotal API

Threat Intelligence

🔒 Secure API Handling

VirusTotal API key is stored on the backend server, never exposed in client-side extension code.

⚡ Rate Limiting & Caching

Backend handles API rate limits intelligently and caches results to improve performance and reduce API usage.

🌍 Global Availability

Railway deployment ensures high availability and fast response times from anywhere in the world.

🛠️ Easy Maintenance

Centralized backend means updates and improvements are seamless, no extension update required.

🔧 How It Works

1

Hover Detection

Content script detects when you hover over HTTP/HTTPS links and dynamically creates scan buttons.

2

User Interaction

Click "🔍 Scan" to initiate URL analysis. Button shows a loading state during the scan.

3

Railway Backend

Background script sends the URL to the secure Railway server, which handles VirusTotal API calls, rate limiting, and caching.

4

Visual Results

Scan button is replaced with a color-coded result marker and detailed tooltip with engine statistics.

📦 Installation

RECOMMENDED

🏪 Chrome Web Store

🛒 Install from Chrome Web Store
  • Click "Install from Chrome Web Store" above
  • Click "Add to Chrome" on the store page
  • Confirm by clicking "Add extension"
  • PhishPal is installed and ready to use
  • Hover over any link to see it in action
  • No configuration needed, backend handles everything

🔧 Developer Mode

  • Download extension from GitHub
  • Open Chrome and go to chrome://extensions
  • Enable "Developer mode" toggle (top-right)
  • Click "Load unpacked" and select the PhishPal folder
  • Extension is ready, no API key setup required
  • Backend automatically handles all VirusTotal API calls

🧩 Backend Integration

// Backend API integration
async function checkUrlWithBackend(url) {
  try {
    const response = await fetch(
      'https://phishpal-backend-production.up.railway.app/api/check-url',
      {
        method: 'POST',
        headers: { 'Content-Type': 'application/json' },
        body: JSON.stringify({ url })
      }
    );

    if (!response.ok) throw new Error(`Backend error: ${response.status}`);

    const data = await response.json();
    return data.stats;
  } catch (error) {
    console.error('Backend failed:', error);
    return { harmless: 0, malicious: 0, suspicious: 1, undetected: 0 };
  }
}

// Message handling for content script communication
chrome.runtime.onMessage.addListener((request, sender, sendResponse) => {
  if (request.action === "scanLink" && request.link) {
    checkUrlWithBackend(request.link)
      .then(stats => sendResponse({ stats }))
      .catch(error => sendResponse({
        error: error.message,
        stats: { harmless: 0, malicious: 0, suspicious: 1, undetected: 0 }
      }));
    return true;
  }
});

⚙️ Manifest V3 Configuration

{
  "manifest_version": 3,
  "name": "Phishing Hover Detector",
  "version": "1.1",
  "permissions": ["scripting", "tabs", "storage"],
  "host_permissions": [
    "",
    "https://phishpal-backend-production.up.railway.app/*"
  ],
  "background": { "service_worker": "background.js" },
  "content_scripts": [{ "matches": [""], "js": ["content.js"] }],
  "icons": { "48": "icon48.png", "128": "icon128.png" }
}

Key Improvements in v1.1

  • Railway Backend secure Express.js server handling all API communications
  • No API Key Required users don't need to manage VirusTotal API keys
  • Enhanced Security API credentials safely stored on backend server
  • Better Performance server-side caching and rate limiting
  • Improved Reliability centralized error handling and fallback mechanisms

🎯 Try It Out

Once installed, PhishPal works on any website. Hover over these example links to see it in action:

https://www.google.com https://www.github.com https://example.com

Hover over these links after installation to see PhishPal in action!

⚠️ Important Disclaimer

PhishPal is an MVP (Minimum Viable Product) designed for educational and demonstration purposes. While it provides real threat detection via VirusTotal through a secure backend, users should:

🛡️ Start Browsing Safer

Install PhishPal in seconds and get real-time phishing protection on every link you hover over.

🛒 Install Extension 💻 View Source Code 💼 All Projects