Inspiration

As a cybersecurity enthusiast and developer, I often saw non-security professionals, creators, freelancers, and indie hackers treat cybersecurity as a chore. Something abstract. Something to deal with "later."
But in today’s digital world, security is not optional; it’s the foundation of trust.
What inspired me most was this disconnect between how important security is and how inaccessible it feels to most people.

I wanted to fix that. I wanted to build something that says:

"Hey, security doesn't have to be scary. It can be simple. It can be yours."

That’s how FrithX was born: a free, lightweight, and modular cybersecurity toolkit for devs, startups, and non-security pros who want to build with confidence.

What it does

FrithX is a modular, zero-cost platform with 4 core tools:

Threat Modeling Canvas - Drag-and-drop your system, label sensitive flows, get threat analysis based on STRIDE, PASTA, OCTAVE etc., simulate attacks, and get fix recommendations.
Zero Trust Wizard - Design access control policies with guided steps and output them as policy-as-code.
Privacy Notice Builder - Instantly generate GDPR/CCPA compliant privacy policies and cookie banners from simple form inputs.
ShadyPixel - Upload or paste screenshots, and it uses OCR + rule-based analysis to detect phishing, scam patterns, or social engineering threats.

Each tool runs client-side or with minimal backend, so no personal data is ever sent to servers. It's secure, lightweight, and offline-friendly.

How we built it

Frontend: HTML, CSS, JavaScript (vanilla)
Platform: Bolt.new
State handling: Pure JavaScript
Threat engine: Custom model-based mapping logic, with JSON rules
Image analyzer: Tesseract.js (OCR) + regex + pattern-matching
Authentication: Firebase Auth + Google Sign-In

Each module is built as a self-contained card - they don’t depend on each other, so users can jump into whatever task they need.

Challenges we ran into

  • Explaining security in plain language was harder than writing code.
  • Creating an intuitive drag-and-drop threat modeler using vanilla JS took time.
  • I had to simulate threat chains logically, not just randomly, which required designing a basic risk engine from scratch.
  • Privacy policy generation required understanding legal frameworks like GDPR and CCPA; that was a rabbit hole!

But the hardest part?
Designing something that non-technical users wouldn't be afraid to touch.

Accomplishments that we're proud of

  • FrithX is built for people who often feel left out of security, like creators, students, and indie builders.
  • No jargon, no cost, no complexity; just simple tools anyone can use with confidence.
  • You don’t need to be technical. Drag, drop, click and you’re protected.
  • No accounts, no upsells, just honest help, when and where you need it.
  • Our proudest accomplishment? Giving everyday builders peace of mind in a digital world that rarely offers it.

What we learned

  • Security is a language, and most people don’t speak it, so I became the translator.
  • Making things simple is 10x harder than making them powerful, but 100x more impactful.
  • Even without fancy frameworks, HTML, CSS, and vanilla JS can do incredible things.
  • Emotional design matters. When people feel safe, they build boldly.

What's next for FrithX

Template Library - Prebuilt threat models, privacy policies, and Zero Trust configs
AI Copilot - Natural language-to-threat model or policy generation
Deepfake Detector - Detect any deepfake or AI-created image
Community Hub - Shareable models and public privacy notices
OAuth + Firebase Integration - Save and sync models securely
Localization Support - Bengali and multilingual privacy policy generation
