DataSentry - Client-side DLP

About

DataSentry — Client-Side Data Leak Detection

# Overview

DataSentry is a Chrome extension that monitors browser network requests in real time and alerts you when sensitive information may be exposed.

It acts as a security guard for your API traffic — analyzing outgoing requests to help detect accidental leaks of passwords, tokens, personal data, and other confidential information *before they leave your browser.

Built for developers, security professionals, and privacy-conscious users, DataSentry brings Data Loss Prevention (DLP) capabilities directly into Chrome.

🎯 Key Features
Real-Time Network Monitoring
* Intercepts browser network requests (GET, POST, PUT, etc.)
* Analyzes request bodies, headers, and URL parameters
* Instant alerts when sensitive data patterns are detected
* Lightweight background monitoring

Advanced Detection Engine -
DataSentry uses pattern recognition, heuristics, and entropy analysis to detect:

* Personal Information (PII)
* Email addresses
* Phone numbers
* Credit card numbers (Luhn validated)
* Aadhaar & SSN patterns
* Dates of birth and other personal data

* Authentication & Secrets
* Plain-text passwords
* JWT tokens
* API keys and access tokens
* AWS access keys
* GitHub tokens
* High-entropy strings that resemble secrets

* Risky Data Patterns
* Sensitive JSON field names (password, ssn, dob, etc.)
* Tokens in URL query parameters
* Base64-encoded secrets
* Large payloads indicating possible data dumps

🧠 Smart Detection Methods
* Regex Pattern Matching for common sensitive formats
* JSON Field Analysis to detect risky keys
* Shannon Entropy Analysis to identify encrypted or random secrets
* Luhn Validation for credit cards
* Context-aware filtering to reduce false positives

🖥 User Interface
# Popup Dashboard
* Detection statistics and risk levels
* Recent alerts with severity indicators
* Quick access to settings and logs

# Detailed Inspection
* Full request headers and body
* Highlighted sensitive findings
* Copy/export request data

# Live Alerts
* On-page warning banners
* Extension badge counter

⚙️ Customization
* Sensitivity Levels
  * Low (critical leaks only)
  * Medium (recommended)
  * Strict (all potential risks)

* Domain Whitelist
  * Exclude trusted domains
  * Ideal for dev/test environments

* Quick Toggle
  * Enable/disable monitoring anytime

🔒 Privacy & Security

* 100% local processing —> nothing is sent to external servers
- No data collection, tracking, or analytics
- Detection history stored only in your browser
- You control your data at all times

🚀 Use Cases
* Developers
- Catch accidental data leaks
- Debug insecure API calls
- Improve application security

* Security Professionals
- Identify exposure points
- Support audits and testing
- Analyze data transmission risks

* Privacy-Conscious Users
- See what websites send
- Monitor personal data exposure
- Gain transparency and control

⚙️ How It Works
1. Intercepts outgoing network requests
2. Analyzes payloads and headers
3. Detects sensitive data patterns
4. Alerts you in real time
5. Logs findings for review

⚠️ Limitations
* Monitors client-side requests only
* Cannot decrypt HTTPS beyond browser visibility
* Does not block requests — detection only
* May produce false positives in strict mode

✅ Best Practices
* Start with **Medium sensitivity**
* Whitelist trusted domains
* Review detection logs regularly
* Use during development and testing

🌟 Why DataSentry
✔ Real-time leak detection
✔ Comprehensive sensitive data coverage
✔ Privacy-first architecture
✔ Developer-focused inspection tools
✔ Fully customizable
✔ Lightweight and easy to use

🚨 Security Disclaimer
DataSentry helps detect potential leaks but does not replace secure coding practices. Always follow OWASP guidelines and proper data protection standards.
* Protect your data. Monitor your traffic. Stay secure.
* DataSentry — Your browser’s data security guard.