Phantom Phisher

login page
verification mail
Phising Guard chrome extension
Question
Answer on why its phising with explanation
Achievements
Question
Answer on why it's safe with explanation
Leaderboard

Phantom Phisher — Simulate, Educate, Secure

Problem We Focused On

Phishing is the top cause of account compromise, yet training is boring and forgettable. Employees don’t get realistic, hands-on practice — they learn rules, not instincts. Security tools block threats but don’t teach users how to spot them on their own.

Our Solution

A gamified web app that delivers realistic phishing challenges with instant coaching, scoring, streaks, achievements, and a global leaderboard (usernames supported).
A Chrome extension that overlays real-time warnings in Gmail, turning everyday email into safe, teachable moments.
An ML service that analyzes emails (subject, body, sender, links) and returns phishing probability, confidence, and indicators for explainable feedback.
Privacy-first: simulations are local and safe; no real emails are altered or sent.

How It Works (High Level)

Sign in with a magic link and pick a username.
The backend serves AI-generated or templated emails; the ML service scores risk and explains why.
The user answers; the app records a session, updates stats, unlocks achievements, and updates the leaderboard.
The Chrome extension uses the same ML service to scan Gmail and display risk banners in the inbox.

Technology Stack

Languages: TypeScript, JavaScript, Python, SQL

Frontend: Next.js 14 (App Router), React, Tailwind CSS, Framer Motion

Backend: Node.js, Express, Supabase JS client

ML/AI: FastAPI (Python), scikit-learn–based heuristics, Google Gemini (gemini-1.5-flash) for content generation

Database & Auth: Supabase (PostgreSQL), Supabase Auth (magic links), RLS policies, SQL views (leaderboard)

Browser Extension: Chrome Extension Manifest V3, Chrome Storage/Runtime APIs

Tooling: GitHub, VS Code, npm, Python venvs

Why It’s Different

Dual impact: trains users via a fun game and protects them in the real inbox.
Explainable AI: shows probability, confidence, and concrete indicators.

* Production-ready: includes sound design, achievements, leaderboard.

Play. Learn. Protect.

👻 Phantom Phisher — AI-Powered Cybersecurity Training Game GitHub Repository

Built With

Updates

sanjay ravichandran started this project — Oct 19, 2025 11:46 AM EDT

Leave feedback in the comments!

Log in or sign up for Devpost to join the conversation.