BreachTek Solutions (BTS), is a IT security company building DNS-based Ad and Malware protection for consumers, small businesses, and enterprises. I was introduced to the company through one of my close friends at Gran Touring Motorsports who has been helping the founder build its technology from the beginning. One of the features they would like to offer their higher tier customers is a browser extension to provide protection while browsing the web. Given my expertise building web applications they brought me in to build it.
Given that none of us had built a browser extension before the goal was to just build a proof of concept that could be replaced once we had design and features finalized. The criteria for success were
- Works with every major browser
- Can discover URLs placed on a webpage over time
- Ability to generate a threat assessment of the currently viewed webpage
- Can display the number of threats on a page as a badge on the extension icon
- Has an interactive window containing a detailed threat assessment of the current webpage
In the end it wasn't perfect, but I was able to complete each requirement. Each iframe has a script injected which scans and watches for new URLs inserted into the DOM. That script reports its findings to the extension which assesses each URL for threats and reports back to the script. The script could then block access to links, highlight risks, and more.
The extension keeps a global threat assessment and uses it to generate a window to display the assessment. Assessments of URLs are currently randomly generated and assigned. In future versions, the URL scanning and detection would be more advanced, the extension would use BreachTek's technology to analyze threats, security policies for threats would be enforced, and the customer could manage their account directly from the extension.