🛡️ RiskSentinel — Real-Time Scam & Website Risk Detector

RiskSentinel is an open-source browser extension that performs real-time scam detection and website risk analysis using domain intelligence, content inspection, checkout analysis, and optional reputation APIs.

It helps users identify fake stores, scam job listings, phishing pages, and risky websites before they enter credentials or payment information.

---

🚀 Why RiskSentinel Exists

Most scam checker tools give a simple yes/no answer.
RiskSentinel instead provides explainable security signals so users can see why a site is risky.

Think of it as a website risk analyzer rather than a blacklist lookup.

---

✨ Features

🔍 Domain Intelligence

• Domain age (RDAP)
• HTTPS detection
• Certificate transparency history

🧠 On-Page Scam Detection

• Missing contact info
• No privacy / terms / refund policies
• High-pressure language
• Unrealistic income claims
• Phishing-style wording
• Password fields on suspicious pages

🧩 Advanced Scam Fingerprints

• Countdown / scarcity timers
• Fake "As seen on" press logo walls
• Brand–domain mismatch
• Copy-paste policy boilerplate
• Crypto / gift card / wire transfer language

💳 Checkout & Payment Inspection

• Off-domain checkout links
• URL shorteners in checkout
• Known processors (PayPal, Stripe, Shopify, etc.)
• Redirect-heavy payment flows

🛡️ Optional Reputation APIs

• Google Safe Browsing
• VirusTotal

📊 Results

• 0–100 risk score
• Low / Medium / High classification
• Top 3 red flags
• Full findings list
• Per-domain scan history

---

🧠 What Makes It Different

✔ Explainable results
✔ No tracking / telemetry
✔ No account required
✔ API keys stored locally
✔ Works on any website
✔ Built for security professionals & everyday users

---

🖥️ Installation (Developer Mode)

1. Clone the repository:

   git clone https://github.com/yourusername/RiskSentinel.git

2. Open in your browser:

   chrome://extensions
   or
   brave://extensions

3. Enable Developer mode

4. Click Load unpacked

5. Select the RiskSentinel folder

6. Pin the extension

---

🔑 Optional: Enable Reputation APIs

RiskSentinel works without API keys.
Keys only improve reputation coverage.

Supported:

• Google Safe Browsing
• VirusTotal

Open extension details → Extension options → Paste keys → Save

Keys are stored using chrome.storage.local.

---

📂 Project Structure

RiskSentinel/
├─ manifest.json
├─ popup.html
├─ popup.js
├─ content.js
├─ background.js
├─ options.html
├─ options.js
├─ icons/
│ ├─ icon16.png
│ ├─ icon32.png
│ ├─ icon48.png
│ └─ icon128.png
└─ README.md

---

🧪 Use Cases

• Checking suspicious online stores
• Vetting remote job listings
• Investigating phishing links
• Auditing landing pages
• Security awareness training

---

⚠️ Disclaimer

RiskSentinel provides risk signals, not guarantees.
Always apply human judgment before making decisions.

---

🛣️ Roadmap

• Exportable reports
• Simplified icon-only mode
• OSINT enrichment
• Server-side reputation proxy
• Pro version

---

🤝 Contributing

Pull requests are welcome.

Ways to help:

• Add new detection rules
• Improve scoring logic
• Improve UI/UX
• Write documentation

---

📜 License

MIT License

---

⭐ Support the Project

If you find RiskSentinel useful:

Star this repository
Share it with security-minded friends
Submit ideas or issues

Stars help the project gain visibility and attract contributors.