The Guardian is the sentinel of the Data Stream, specialized in identifying and neutralizing malicious URL patterns before they can compromise the Grid. Using advanced heuristic analysis and entropy-based detection, The Guardian provides a transparent and detailed risk report for any incoming communication link.
- Shannon Entropy Engine: Calculates the mathematical randomness of domains to detect Domain Generation Algorithms (DGA) and randomized phishing URLs.
- Heuristic Analysis Dashboard: A comprehensive rules-based engine that flags suspicious TLDs, brand impersonation, and structural anomalies.
- External Intelligence Integration: Simulated integration with Google Safe Browsing and VirusTotal APIs for real-world intelligence lookups.
- Automated Risk Reporting: Generates high-fidelity visual reports and print-optimized PDF snapshots of technical findings.
The Guardian leverages a weighted heuristic scoring system to evaluate URL safety. It parses the URL structure using native JS APIs and applies a series of scoring rules: suspicious TLDs (e.g., .xyz, .top) contribute +20 to the risk score, while the presence of high-value brand keywords (e.g., "amazon", "google") in subdomains triggers an impersonation flag.
The core of its predictive power lies in its Shannon Entropy calculation. By analyzing the frequency distribution of characters in the domain string, it identifies "random-looking" strings that are statistically distinct from human-readable words, a common trait of malicious infrastructure.
🔗 Part of the Neon Surge Ecosystem
- Ensure Node.js is active.
- Clone the Guardian repository:
git clone https://github.com/mayoka0/URL-perser-Phishing-Risk.git
- Install and Execute:
npm install npm run dev