ZeroRisk Sentinel
Protecting Students from Digital Threats
Try it out
🌐 Live Demo: https://zerorisk-sentinel.vercel.app/ (wait a while for the backend on top right to show Backend Active(Better Scanning) IT TAKES LIKE 40-50 SECS SO WAIT
💻 Frontend Repo: https://github.com/shlokkokk/zerorisk-sentinel
⚙️ Backend Repo: https://github.com/shlokkokk/zerorisk-sentinel-backend
The Problem
Students are prime targets for cyberattacks. Every day, students:
- Download "lecture_notes.pdf.exe" from sketchy course forums
- Click phishing links disguised as "university login portals"
- Install "free" software bundled with keyloggers
- Side-load APKs for "premium" apps that steal credentials
The result? Compromised accounts, stolen financial aid info, ransomware-locked thesis documents, and privacy violations—all because existing security tools are either too expensive, too complex, or require uploads to corporate clouds students don't trust.
Our Solution
ZeroRisk Sentinel is a free, student-friendly security scanner that analyzes files and URLs without execution, without uploads, without trust issues. Built by students, for students.
Core Philosophy
- Zero execution risk: Static analysis only—no sandboxes, no running suspicious code
- Zero privacy compromise: Files analyzed locally in your browser first; cloud only when you choose
- Zero security expertise required: Plain-English explanations for every threat found
How It Works
For Files
- Drop any file into the browser (or select from device)
- Multi-layered analysis:
- File header inspection (catches
invoice.pdf.exespoofing) - YARA rule matching + JavaScript pattern detection
- Keylogger signature hunting
- Entropy analysis (detects packed/encrypted malware)
- Hash lookup against VirusTotal database
- File header inspection (catches
- Get clear results: Threat score, risk explanation, and actionable advice
For URLs
- Paste any link into the scanner
- Real-time checks:
- Google Safe Browsing database
- URLHaus malware distribution list
- VirusTotal URL aggregation (70+ vendors)
- SSL certificate validation
- DNS record analysis
- Phishing keyword and suspicious TLD detection
- Understand the risk: Why this link is dangerous, what could happen if clicked
For Android Apps (APKs)
- Permission-based risk scoring: Identifies apps that can spy on you (accessibility services), steal SMS (2FA codes), or persist after uninstall
- Merged file intelligence: Combines permission analysis with malware scanning
Key Features
| Feature | Student Benefit |
|---|---|
| 100% Client-Side First | Your files stay private until you decide otherwise |
| Hybrid Architecture | Works offline with local heuristics; enhanced when backend available |
| Two Scan Modes | Quick Scan for speed, Deep Scan for thoroughness |
| AI Explanations | Groq-powered analysis explains threats in plain English |
| Demo Mode | Test with safe samples—learn without risk |
| PDF Reports | Generate professional reports for IT help desks or professors |
| Mobile Swipe Navigation | Actually works on phones (because students scan on mobile) |
| Zero Cost | Completely free, no subscriptions, no data selling |
Tech Stack
Frontend: Vanilla HTML5, Tailwind CSS, Anime.js, ECharts, Typed.js
Backend: Python Flask, Gunicorn
Security: YARA rules, AndroGuard (APK), VirusTotal API, Google Safe Browsing API
AI: Groq API (Llama 3.3 70B) for threat explanations
Repository Structure
zerorisk-sentinel/
├── index.html # File scanner interface
├── url.html # URL analyzer
├── results.html # Analysis dashboard
├── about.html # Documentation
├── main.js # Core file analysis engine
├── url-analyzer.js # URL security logic
├── generateReport.js # PDF/JSON report generation
├── server.py # Flask backend API
├── file_scanner.py # YARA + hash + entropy analysis
├── url_scanner.py # Multi-source threat intelligence
├── apk_analyzer.py # Android permission analysis
└── ai_explainer.py # LLM-powered explanations
Why Students Need This
| Student Scenario | ZeroRisk Solution |
|---|---|
| Downloading course materials from Discord/Telegram | Scan before opening—catches spoofed extensions |
| Clicking "free software" links from Reddit | URL analyzer flags phishing and malware sites |
| Installing APKs for "premium" apps | Permission analysis reveals spyware capabilities |
| Opening email attachments from "professors" | Detects RTL override attacks and spoofed filenames |
| Sharing files in group projects | Generate reports to prove files are clean |
Impact & Reach
- Addresses real student pain points: Cybersecurity threats targeting budget-conscious, time-pressed students
- Accessible to all skill levels: No security expertise required—clear explanations for everyone
- Privacy-first design: Students control their data, addressing valid concerns about corporate scanning tools
- Educational value: Demo mode teaches threat recognition through safe examples
Future Roadmap
- [ ] Sandboxed dynamic analysis for uncertain files
- [ ] Expanded format support (Office documents, PDF internals)
- [ ] Browser extension for one-click link scanning
- [ ] Community signature sharing between students
- [ ] Cryptographically signed reports for academic integrity cases
Built By
Students who got tired of seeing classmates lose access to their accounts, their money, and their work because of preventable malware infections.
ZeroRisk Sentinel: Built for the paranoid. Designed for everyone.
Submitted to Build4Students 2025
Log in or sign up for Devpost to join the conversation.