Enterprise App Protection

About

Enterprise App Protection helps you spot phishing links that pretend to be a well-known enterprise app — DocuSign, Microsoft 365, ServiceNow, and ~1,000 others — but actually point somewhere else.

HOW IT WORKS
Modern browsers already protect you from known-bad sites using Safe Browsing, SmartScreen, and similar reputation-based systems. But a brand-new lookalike domain registered an hour ago for a single targeted email won't be in any of those databases yet.

This extension closes that gap with one simple, local check: if a link's visible text says "DocuSign" (or any of ~1,000 other enterprise apps), does the link actually point to a domain DocuSign owns? If not, a small warning badge (⚠) appears next to the link. Click it to see why it was flagged, and trust the domain with one click if it's a false positive.

FEATURES
• Scans every page you visit, including dynamically loaded content (Outlook Web, Teams, SharePoint, etc.)
• Inline warning badges with one-click "Trust this domain"
• Maintain your own Trusted and Blocked domain lists
• Searchable dashboard of every flagged link
• Works fully offline — the ~1,000-app domain database ships with the extension and refreshes periodically from a configurable URL
• Light and dark mode, follows your system theme

PRIVACY
• No accounts, no tracking, no analytics
• All link analysis happens locally and synchronously on the page — no per-link network requests
• The only network activity is a periodic, anonymous download of the domains database
• Your flagged-link history never leaves your device

LIMITATIONS
This extension only fires when a link's visible text names a known app — links with no brand name in their text are invisible to it. The domain database is community-maintained and won't be complete. Treat this as a useful extra signal that complements, not replaces, Safe Browsing / SmartScreen / Defender.

Open source: https://codeberg.org/365DevNet/EnterpriseAppProtection