-
Cover
Inspiration
Phishing remains one of the most common and effective cyberattacks, responsible for a significant percentage of data breaches worldwide. Most existing tools only provide a simple “safe” or “unsafe” result, which doesn’t help users understand why something is dangerous.
We were inspired to build a solution that not only detects phishing but also educates users by breaking down how the attack works, helping them become more aware and resilient against future threats.
What it does
PhishGuard AI is an intelligent phishing detection platform that analyzes URLs, emails, and messages in real time.
It goes beyond basic detection by providing:
A risk score (0–100) Clear verdict (Safe, Suspicious, Phishing) Attack type classification Technical breakdown of the threat Simulated attack flow Key indicators and red flags Actionable recommendations Educational insights to improve user awareness
This transforms phishing detection into an interactive learning experience, not just a warning.
How we built it
We built PhishGuard AI as a full-stack web application:
Frontend: HTML, CSS, JavaScript (custom UI for a cybersecurity feel) Backend: Serverless API using Node.js AI Engine: Claude (via secure API integration) Deployment: Vercel for fast and scalable hosting
The frontend sends user input to a backend endpoint (/api/scan), where AI processes the content and returns structured JSON data. This data is then rendered into a detailed and user-friendly security report.
Challenges we ran into
Ensuring consistent and structured AI responses (avoiding undefined fields) Designing prompts that produce detailed but reliable cybersecurity analysis Securing API keys and moving logic to the backend Handling edge cases and fallback scenarios Creating a UI that is both visually appealing and information-dense without overwhelming users
Accomplishments that we're proud of
Building a complete AI-powered cybersecurity tool from scratch Delivering explainable AI results, not just binary outputs Creating a clean, modern interface that feels like a real security platform Implementing structured analysis including attack flow and technical breakdown Successfully deploying a working, real-time application
What we learned
How to safely integrate AI into production applications The importance of prompt engineering for structured outputs Backend architecture and API security best practices How to design user experiences that build trust through transparency The value of combining AI + education in cybersecurity tools
What's next for PhishGuard AI - Phishing Detection & Attack Analysis
Browser extension for real-time phishing detection Email client integration (Gmail/Outlook scanning) Expanding threat intelligence with known phishing patterns User accounts and scan history tracking Mobile app version Improved AI models for even deeper technical analysis
Built With
- ai
- html/css
- javascript
- node.js
- vercel
Log in or sign up for Devpost to join the conversation.