SecureScan is a modern, privacy-first suite for real-time website threat analysis. It includes a browser extension with modern gradient UI, an interactive web dashboard, and a robust backend API with comprehensive logging and validation. Powered by VirusTotal and URLScan, it detects malicious domains before they can do damage.
β Modern Tech Stack - Built with JavaScript and latest frameworks β Beautiful Gradient UI - Professional blue-cyan design system across all components β Enterprise Logging - Winston-based centralized logging in backend β Robust Validation - Email, URL, domain validation utilities β Production Ready - Full error handling, environment validation, security hardened β Complete Documentation - Comprehensive READMEs with setup guides and API documentation
SecureScan/
βββ Extension/ # Browser extension (React + Chrome APIs)
β βββ src/
β βββ public/
β βββ dist/ # Production build
β βββ README.md # Extension documentation
βββ Frontend/ # Web dashboard (React 19 + TailwindCSS)
β βββ src/
β βββ public/
β βββ dist/ # Production build
β βββ README.md # Frontend documentation
βββ Backend/ # Node.js + Express API
β βββ src/
β βββ logs/ # Application logs
β βββ dist/ # Compiled JavaScript
β βββ README.md # Backend documentation
βββ screenshots/ # Demo images
βββ README.md
- Node.js (v18+)
- npm or yarn
- Chrome browser (for extension)
- API keys: VirusTotal, URLScan
git clone https://github.com/tabishraza302/SecureScan.git
cd SecureScancd Extension
npm install
npm run buildLoad in Chrome:
- Go to
chrome://extensions/ - Enable "Developer Mode"
- Click "Load unpacked"
- Select the
dist/folder
cd Frontend
npm install
npm run devcd Backend
npm installCreate .env file:
# API Keys (Get from VirusTotal and URLScan)
VIRUS_TOTAL_KEY=your_virustotal_api_key
URLSCANIO_KEY=your_urlscan_api_key
# JWT Configuration
JWT_SECRET=your_secret_key_change_in_production
JWT_EXPIRY=7d
# Database
DB_HOST=localhost
DB_PORT=3306
DB_NAME=securescan_db
DB_USER=root
DB_PASSWORD=your_db_password
# Server
NODE_ENV=development
PORT=3000
ORIGIN=http://localhost:5173,http://localhost:5174
# Logging
LOG_LEVEL=infoRun development server:
npm run dev
Β
Β
Β
- π User visits a website
- 𧩠Extension extracts the domain and sends it to the backend
- π‘ Backend queries VirusTotal and URLScan APIs
- π Results are displayed with threat level, risk summary, and visualizations
- π Scan history is stored in MySQL database
- React 19 (latest)
- TailwindCSS 4 (styling)
- Radix UI (components)
- Lucide Icons
- Node.js + Express.js
- MySQL + Sequelize
- Winston (logging)
- JWT (authentication)
- React 19
- Chrome APIs (Manifest V3)
- TailwindCSS 4
- Recharts (visualization)
- π Real-time Detection - Scan domains instantly
- π Beautiful Visualizations - Radial charts and statistics
- π¨ Modern UI - Gradient design system (blue-cyan)
- π Secure - JWT authentication, encrypted communication
- 𧩠Modular - Clean architecture, easy to extend
- π± Responsive - Works on desktop and mobile
- π Privacy-First - No tracking, minimal data collection
- β‘ Fast - Optimized builds, quick load times
- π Well Documented - Complete setup and API docs
- β Bundle: 324.74 kB (gzipped: 101.76 kB)
- β Build time: < 2 seconds
- β Status: Production ready
- β Environment validation: β
- β Logging: Winston configured
- β Status: Production ready
- β Bundle: 1.95 MB total
- β Build time: ~10 seconds
- β Status: Production ready
- Extension README - Extension features, setup, scripts
- Frontend README - Frontend overview, components, design
- Backend README - API endpoints, setup, database
- Input Validation - Comprehensive email, URL, domain validation
- Error Handling - No sensitive data in error messages
- Authentication - JWT-based with configurable expiry
- CORS - Configurable origin restrictions
- Logging - Centralized logging without sensitive data
- Environment Validation - Required variables checked at startup
npm run dev # Development server
npm run build # Production build
npm run preview # Preview build
npm run lint # ESLint checknpm run dev # Development with auto-reload
npm run build # TypeScript compilation
npm start # Production server
npm test # Run tests
npm run lint # ESLint checknpm run dev # Development server
npm run build # Production build
npm run preview # Preview build
npm run lint # ESLint checkPort Already in Use?
# Find and kill process (macOS/Linux)
lsof -i :3000 | grep LISTEN | awk '{print $2}' | xargs kill -9Extension Not Loading?
- Ensure you're loading from
dist/folder - Check Chrome DevTools console for errors
- Reload extension in Extensions page
Database Connection Error?
- Verify MySQL is running
- Check DB credentials in
.env - Ensure database exists
API Keys Not Working?
- Verify keys in
.env - Check API service status
- Ensure keys have correct permissions
See individual README files for more detailed troubleshooting.
This project is licensed under the MIT License. See LICENSE for details.
We welcome contributions! Please:
- Fork the repository
- Create a feature branch
- Make your changes
- Submit a detailed pull request
Tabish Raza
- VirusTotal - Domain threat analysis
- URLScan.io - URL scanning service
- React - UI framework
- TailwindCSS - CSS framework
Built with β€οΈ for safer web browsing
Version: 1.0.0 Last Updated: December 10, 2024 Status: β Production Ready