PhishGuard

90% of breaches start with a click. PhishGuard is a phishing simulator that lets IT teams safely 'attack' their own staff. We track real-time click rates to turn human error into a fixable metric.

Comment

Inspiration

We found out that the biggest cybersecurity attack is the social engineering or phishing attacks to counteract this we thought that the most efficient way would be to have employers have a way to teach their employees.

What it does

PhishGuard is a full-stack simulation platform that allows companies to launch mock phishing campaigns. It tracks user interactions in real-time, logging which employees clicked on a simulated malicious link and what templates (like "Gift Card" or "Password Reset") are most effective at bypassing human judgment.

How we built it

Backend: Developed a Node.js and Express API to manage campaigns and track click-through data. Database: Utilized SQLite to store campaign details, target emails, and interaction timestamps. Frontend: Built a responsive dashboard using React and Vite, featuring Lucide-React for a professional security-focused UI. Routing: Implemented React Router for seamless navigation between the dashboard and campaign creation.

Challenges we ran into

The biggest hurdle was "Cross-Platform Chaos." Since our team developed on both Windows and Mac, we faced significant issues with native binary dependencies for SQLite and environment-specific Node.exe paths in Vite. We had to learn how to properly ignore node_modules and rebuild native modules for ARM64 architecture on the fly. As well as some aspects of version controll.

Accomplishments that we're proud of

We successfully built a functional end-to-end system where a user interaction on a "phishing" email immediately reflects in the backend database. We’re also proud of implementing a clean, modular architecture that allows for easy addition of new phishing templates.

What we learned

we gained a deeper understanding of full stack web development tools and languages. as well as ways to use Ai tools more effectively, to efficiently finish our project

What's next for PhishGuard

Automated Training: Redirecting users who click the link to a "Teachable Moment" page with cybersecurity tips. AI Templates: Using LLMs to generate highly personalized and convincing phishing content based on public employee data. Advanced Analytics: Visualizing "vulnerability trends" over time to show if company security culture is actually improving.

Built With

Share this project:

Updates