PhishClean por PhishClean
Privacy-first phishing and token leakage protection. All detection runs locally on your device.
Algunas características pueden ser de pagoAlgunas características pueden ser de pago
Disponible en Firefox para Android™Disponible en Firefox para Android™
1 User1 User
Scan the QR code to open this extension in Firefox for Android
Metadata de la extensión
Capturas de pantalla
Sobre esta extensión
PhishClean detects phishing pages, token leaks, and credential theft in real time — entirely inside your browser. No data ever leaves your device.
What it catches:
How it works:
Install and browse normally. PhishClean runs in the background, scanning every page using local pattern matching and heuristics. No cloud lookups, no browsing history transmitted, no tracking. When a threat is detected, you see an on-page warning with a risk score, a plain-English explanation of what was found, and options to go back, ignore, or trust the domain.
Free vs Pro:
The free plan covers basic phishing detection — login page analysis, domain mismatch checks, and form structure scanning. Pro unlocks all 14 detection signals: secret leak scanning, JWT monitoring, hidden iframe detection, HTTPS downgrade alerts, network request analysis, and downloadable PDF threat reports.
Privacy by design:
The only data PhishClean sends to our server is an anonymous install ID and your extension version — used solely for license verification. Zero browsing data, zero page content, zero tokens. Everything else stays on your machine.
Website: https://phishclean.com
Privacy policy: https://phishclean.com/privacy
What it catches:
- Phishing login pages with domain mismatches and suspicious form structures
- Leaked API keys and secrets exposed in page source code (AWS, Google Cloud, Stripe, GitHub, Firebase, and more)
- JWT tokens exposed in URLs, localStorage, or network requests
- Hidden iframes used for clickjacking and session hijacking
- HTTPS-to-HTTP downgrade attacks that strip your encryption
- Authorization headers silently sent to third-party domains
- Passwords submitted over unencrypted HTTP connections
How it works:
Install and browse normally. PhishClean runs in the background, scanning every page using local pattern matching and heuristics. No cloud lookups, no browsing history transmitted, no tracking. When a threat is detected, you see an on-page warning with a risk score, a plain-English explanation of what was found, and options to go back, ignore, or trust the domain.
Free vs Pro:
The free plan covers basic phishing detection — login page analysis, domain mismatch checks, and form structure scanning. Pro unlocks all 14 detection signals: secret leak scanning, JWT monitoring, hidden iframe detection, HTTPS downgrade alerts, network request analysis, and downloadable PDF threat reports.
Privacy by design:
The only data PhishClean sends to our server is an anonymous install ID and your extension version — used solely for license verification. Zero browsing data, zero page content, zero tokens. Everything else stays on your machine.
Website: https://phishclean.com
Privacy policy: https://phishclean.com/privacy
Rated 5 by 2 reviewers
Permissions and data
Permisos requeridos:
- Acceder a las pestañas del navegador
- Acceder a la actividad del navegador mientras navegas
- Acceder a tus datos para todos los sitios web
Permisos opcionales:
- Acceder a tus datos para todos los sitios web
Data collection:
- The developer says this extension doesn't require data collection.
Más información
- Enlaces del complemento
- Versión
- 1.1.5
- Tamaño
- 167,32 KB
- Última actualización
- hace un mes (24 de may. de 2026)
- Categorías relacionadas
- Licencia
- Todos los derechos reservados
- Política de privacidad
- Leer la política de privacidad de este complemento
- Historial de versiones
- Etiquetas
- Añadir a la colección