ThreatScope

ThreatScope – An AI-powered, privacy-first web tool that scans uploaded files, explains cybersecurity threats in plain English, and fingerprint flags them using SHA-256

Comment 1

💡 Inspiration

In an age where anyone can unknowingly download or share harmful files, we wanted to build a simple, AI-powered tool that helps users understand exactly why a file might be dangerous — without needing cybersecurity expertise.

We were inspired by:

  • The rise of malware disguised as innocent scripts or text files
  • The lack of easy-to-use, privacy-respecting tools for file analysis
  • The idea that cybersecurity should be explainable, not intimidating

Our goal was to build something both technical and educational — a platform that empowers people to detect and understand digital threats in real-time, with no server or install needed.

🛠️ How We Built It

We built ThreatScope entirely in the browser using:

  • React + TypeScript for the UI and logic
  • TailwindCSS for fast, responsive design
  • Web Crypto API to generate SHA-256 fingerprints of each uploaded file
  • Simulated Natural Language Model (NLM) logic to explain threats like:
    • Keyloggers
    • Phishing scripts
    • Ransomware loaders
    • Obfuscated payloads
  • A ledger array that mimics a blockchain to store and detect past threats

We also implemented:

  • Local file scanning and pattern detection (no files leave the browser)
  • Natural language explanations for each threat type
  • Threat severity badges and a live threat ledger display
  • Voice alerts (via Web Speech API) for high-risk detections
  • A “Built with Bolt” badge for full compliance and design polish

🚧 Challenges We Faced

  • Making everything run 100% client-side, including file reading, scanning, and hashing — without any backend or server
  • Designing a UI that could show technical threat info in a friendly, human way
  • Ensuring real-time detection and explanation without lag, even for large files
  • Simulating a blockchain ledger system without actual distributed nodes
  • Detecting and handling edge cases like:
    • Mismatched file extensions
    • Large binary files
    • Obfuscated JavaScript
  • Ensuring the entire UI was responsive for both desktop and mobile

🧠 What We Learned

  • How to use the Web Crypto API for secure, fast hashing in-browser
  • How to simulate cybersecurity analysis using pattern matching and NLM-style explanations
  • How to balance technical detection with usability and accessibility
  • How to build fully offline, privacy-first applications with zero backend
  • The power of clear, human-readable explanations in security tools

🚀 What’s Next?

  • Adding real-time threat intelligence sharing across devices
  • Integrating live malware signature databases like VirusTotal or AbuseIPDB
  • Turning ThreatScope into a browser extension
  • Deploying it with more advanced AI models for deeper code analysis
  • Offering a developer API and CLI version

Thanks to Bolt.new for the platform and the opportunity to build and ship ThreatScope 🚀⚡

Built With

Share this project:

Updates