Cerberus

Phishing evolves fast, Cerberus fights back smarter. Our LLM-powered Chrome extension detects fake sites in real time, verifies domains, and explains risks clearly — making browsing safe and fast.

Comment

Inspiration

Phishing still exploits the simplest human instinct: trust. Despite better spam filters and safe-browsing lists, lookalike sites keep slipping through. We wanted a solution that protects users \emph{before} credentials are entered and that explains risks in plain language. Cerberus turns modern AI perception into a real-time, in-browser safety net.

What it does

Cerberus is an AI-powered Chrome extension with a five-layer defense pipeline that detects phishing in real time.

Whitelist (CrUX + User Rules): Instantly passes known safe domains.

Blacklist (OpenPhish): Blocks known threats.

User Cache: Recognizes frequently visited, trusted sites.

Client-Side AI: Analyzes partial screenshots and HTML using Gemini Nano.

Server-Side AI: Uses Gemini and Ollama for full screenshot + domain verification. Cerberus classifies pages as Safe, Suspicious, or Dangerous, explains its reasoning, and highlights risky elements directly on the webpage.

How we built it

Frontend in TypeScript (MV3) and backend in FastAPI (Python 3.13) with LangChain, Gemini, and Ollama. We combined Google CrUX, OpenPhish, and Cloud Vision APIs for data, and optimized inference latency by racing client- and server-side LLM responses.

Challenges we ran into

  1. Balancing latency vs. accuracy under Manifest V3 restrictions.
  2. Ensuring explainability from LLM outputs.
  3. Avoiding false positives for legitimate look-alike domains.
  4. Maintaining privacy through local-first design.

Accomplishments that we're proud of

  1. Built a 5-layer hybrid AI pipeline that delivers verdicts in under 1 second for most sites.
  2. Created a dual-LLM race mechanism for speed and redundancy.
  3. Achieved human-readable explanations that improve cybersecurity literacy.

What we learned

  1. Visual + linguistic reasoning outperforms keyword heuristics for phishing detection.
  2. Early filtering (whitelist/blacklist/cache) saves enormous compute cost.
  3. Clear UX feedback (colors, confidence, explanations) drives user trust.

What's next for Cerberus

  1. Integrate Gemini Nano for fully local client inference.
  2. Add an educational chatbot to teach safe browsing habits.
  3. Develop enterprise dashboards for fleet monitoring and incident reporting.
  4. Expand threat intelligence integration and adversarial testing.

Built With

Share this project:

Updates