PhiShield is an intelligence-based web extension that detects phishing URLs using machine learning algorithms. The system consists of a Flask backend API and a Chrome extension frontend. (This project is developed as a Final Year Project for educational purposes.)
Required Python Libraries (specified in requirements.txt):
- beautifulsoup4==4.13.4
- Flask==3.1.0
- flask-cors==5.0.1
- googlesearch-python==1.3.0
- numpy==2.2.5
- pandas==2.2.3
- requests==2.32.3
- scikit-learn==1.6.1
- whois==1.20240129.2
The project includes a pre-trained machine learning model (model.pkl) and uses the dataset (phishing.csv) for training. The dataset contains:
- 11,056 URL samples
- 30 features extracted from each URL
- Binary classification (phishing vs legitimate)
Dataset Source: https://www.kaggle.com/datasets/eswarchandt/phishing-website-detector
PhiShield/
├── app.py # Flask backend server
├── feature.py # Feature extraction module
├── model.pkl # Trained ML model
├── phishing.csv # Training dataset
├── requirements.txt # Python dependencies
├── manifest.json # Chrome extension manifest
├── popup.html # Main extension popup interface
├── popup.js # Extension popup logic
├── background.js # Extension background script
├── content.js # Extension content script
├── admin.html # Admin dashboard
├── bookmark-list.html # Bookmark management
├── bookmark-list.js # Bookmark logic
├── blacklist.json # Blacklisted URLs
├── whitelist.json # Whitelisted URLs
├── pending.json # Pending reports
├── img/ # Extension icons
├── libs/ # External libraries
└── web/ # Web interface files
Option 1: Using Git (Recommended)
git clone https://github.com/k3shii/PhiShield.git
cd PhiShieldOption 2: Manual Download
- Download the project files to your local machine
- Extract all files to a directory of your choice
-
Open Command Prompt (Windows)
-
Navigate to the project directory (if not already there):
cd PhiShield -
Create a virtual environment (recommended):
python -m venv venv
-
Activate the virtual environment:
venv\Scripts\activate
- Install all required packages:
pip install -r requirements.txt
-
Open Command Prompt (Windows)
-
Navigate to the project directory (if not already there):
cd PhiShield -
Activate virtual environment (if not already activated):
venv\Scripts\activate
-
Run the Flask application with the -B flag to disable bytecode generation:
python -B app.py
-
You should see output similar to:
* Running on http://127.0.0.1:5000 * Debug mode: off -
The server is now running on: http://127.0.0.1:5000
-
Keep this terminal window open while using the application
-
To stop the server, press
Ctrl+Cin the terminal
- Open Google Chrome browser
- Type
chrome://extensions/in the address bar and press Enter - In the top-right corner of the extensions page, toggle ON the "Developer mode" switch
- After enabling Developer mode, you will see three new buttons appear: "Load unpacked", "Pack extension", and "Update"
- Click the "Load unpacked" button
- A file dialog will open - navigate to your PhiShield project folder
- Select the entire PhiShield folder (not individual files)
- Click "Select Folder"
- The PhiShield extension should now appear in your extensions list with the name "PhiShield"
- If you see any errors, click the "Reload" button on the extension card
- Look for the PhiShield extension icon in your Chrome toolbar (top-right corner)
- If you don't see it, click the puzzle piece icon (extensions menu) and pin PhiShield
- Click on the PhiShield extension icon to open the popup
- In the popup window, enter a URL to check for phishing (e.g., https://example.com)
- Click "Check URL" or press Enter
- The system will analyze the URL and display results:
- Green: Safe/Legitimate URL
- Red: Phishing/Suspicious URL
- Yellow: Uncertain/Under review
- Use the "Add to Bookmarks" feature to save trusted URLs
- Use the "Report URL" feature to report suspicious URLs for admin review
Access Admin Dashboard:
- Open browser and go to: http://127.0.0.1:5000/admin
- Username:
adminPassword:admin123(this can be changed inadmin.html) - Use admin key:
"your-secure-admin-key"(change this in production)
Admin Features:
- View pending URL reports
- Manage blacklist and whitelist
- Approve or reject reported URLs
- Monitor system activity
Backend API Endpoints:
POST /- URL phishing detectionPOST /report- Report suspicious URLPOST /whitelist- Add URL to whitelistGET /whitelist- Get whitelistDELETE /whitelist- Remove URL from whitelistGET /admin/pending- Get pending reports (admin)POST /admin/blacklist- Add URL to blacklist (admin)GET /admin/blacklist- Get blacklist (admin)DELETE /admin/blacklist- Remove URL from blacklist (admin)
After installation, verify everything is working correctly:
- Open browser and go to: http://127.0.0.1:5000
- You should see the PhiShield popup interface
- If you see "Connection refused", the server is not running
- Check
chrome://extensions/page - PhiShield should be listed and enabled
- No red error messages should be visible
- Extension icon should appear in toolbar
- Click PhiShield extension icon
- Enter a known safe URL (e.g., https://www.google.com)
- Should return "Safe" or "Legitimate" result with confidence
- Enter a known phishing URL for testing (https://github.com/Phishing-Database/Phishing.Database/blob/master/phishing-links-NEW-today.txt)
- Go to: http://127.0.0.1:5000/admin
- Enter username (
admin) and password (admin123) - Should show admin interface with pending
- PhiShield Version: 1.0
- Last Updated: July 2025
- Compatible with: Python 3.8+, Google Chrome, Microsoft Edge