Flak is replaced with FastAPI, phishing detection API is included, hosted on Render

CounterAct Mitigation is a Browser Extension that check the authenticity and detail of current webpage to ensure safety of you and your system.
A robust web application authentication system that helps verify the legitimacy of web applications by analyzing various security parameters. This system combines a Flask backend API with a Chrome extension frontend to provide real-time authenticity checks for web applications.

• Domain age verification with comprehensive error handling
  
• SSL certificate validation and detailed certificate information
  
• IP address detection and validation
  
• Suspicious keyword detection
  
• Multi-factor risk assessment
  

• RESTful API architecture using Flask
  
• Cross-Origin Resource Sharing (CORS) support
  
• Comprehensive error handling and logging
  
• Chrome extension with popup interface
  
• Dark/Light theme support with persistent settings
  

Flask==2.1.0
flask-cors==3.0.10
python-whois==0.8.0
urllib3==1.26.8
ipaddress==1.0.23

• Python 3.x
  
• Flask framework
  
• Libraries:
  
  • flask-cors: For handling cross-origin requests
    
  • whois: For domain registration information
    
  • ssl: For certificate validation
    
  • socket: For network operations
    
  • logging: For system monitoring
    
  • urllib: For URL parsing and validation
    
  • ipaddress: For IP address validation
    

• HTML5
  
• CSS3
  
• JavaScript
  
• Chrome Extension APIs
  

1. Install Python dependencies:

pip install flask flask-cors python-whois

2. Start the Flask server:

python app.py

The server will run on http://localhost:5000

1. Open Chrome and navigate to chrome://extensions/
2. Enable "Developer mode"
3. Click "Load unpacked"
4. Select the extension directory containing the manifest and frontend files

• Checks domain registration date
• Multiple fallback strategies for date extraction
• Age-based risk assessment

• Validates SSL certificate authenticity
• Extracts certificate details including:
  • Subject information
  • Issuer details
  • Expiration date
• Connection timeout handling

• Comprehensive URL parsing and validation
• IP address detection
• Suspicious keyword monitoring
• Risk factor aggregation

• Clean and intuitive popup interface
• Real-time loading indicators
• Error messaging system
• Dark/Light theme toggle with local storage persistence
• Detailed results display including:
  • Authentication status
  • Risk detail
  • Domain information
  • Age verification results

• Input validation for all URL submissions
• Error handling for network timeouts
• SSL verification error catching
• Protection against malformed URLs
• Logging system for security monitoring

Analyzes a provided URL for authenticity.

Request Body:

{
    "url": "https://example.com"
}

Response Format:

{
    "is_fake": boolean,
    "message": string,
    "details": string,
    "domain_info": {
        "domain": string,
        "age_info": {
            "age_days": number,
            "creation_date": string,
            "registrar": string
        }
    }
}

• Asynchronous API calls
• Efficient error handling
• Minimal DOM manipulation
• Theme preference caching
• Optimized certificate validation

• Python 3.x
• Flask
• Internet connection for WHOIS and SSL verification
• Proper SSL configuration
• Network access for domain queries

• Chrome browser
• JavaScript enabled
• Local storage access
• Network connectivity

This project is licensed under the MIT License - see the LICENSE file for details.