LegitGuard Safari Extension

About

Updated December 25, 2025

About LegitGuard

Mission

LegitGuard was created with a simple goal: help users identify potentially dangerous websites without compromising their privacy. In an era where online threats are increasingly sophisticated, we believe users deserve security tools that protect them without collecting their data.

What is LegitGuard?

LegitGuard is a privacy-first Safari extension for macOS that provides instant security analysis of websites. Unlike traditional security tools that rely on external APIs and cloud services, LegitGuard performs all analysis locally on your device. This means:

  • Instant Results: No waiting for external servers to respond
  • Complete Privacy: Your browsing data never leaves your device
  • Works Offline: No internet connection required for analysis
  • Zero Tracking: No analytics, no telemetry, no data collection

Our Philosophy

Privacy by Design

Privacy isn't an afterthought - it's built into every aspect of LegitGuard. We believe that security analysis should help protect users without requiring them to sacrifice their privacy. By processing everything locally, we ensure that your browsing data remains yours alone.

Transparency

We're open about how LegitGuard works. All our detection algorithms are based on pattern analysis that runs entirely on your device. There are no hidden services, no secret data collection, and no black-box processing.

User Empowerment

LegitGuard gives you the information you need to make informed decisions about website safety. We don't block websites or make decisions for you - we provide analysis and let you decide.

How LegitGuard Works

LegitGuard uses advanced pattern-based detection algorithms to analyze websites. When you click the extension icon, it performs 11 comprehensive security checks:

  1. HTTPS Verification: Ensures the site uses encrypted connections
  2. Domain Analysis: Detects suspicious domain patterns (IP addresses, unusual structures)
  3. Character Encoding Checks: Identifies potential homoglyph attacks using international characters
  4. Typosquatting Detection: Uses an advanced Levenshtein distance algorithm to detect domains similar to 64+ known brands
  5. TLD Analysis: Flags suspicious top-level domains commonly used in scams
  6. Pattern Detection: Identifies unusual domain structures and patterns
  7. Numeric Pattern Analysis: Detects random number combinations often used in phishing
  8. Mixed Script Detection: Identifies domains mixing different character sets (homoglyph attacks)
  9. Random String Detection: Flags domains with random-looking character sequences
  10. Port Number Analysis: Detects non-standard ports
  11. Phishing Keyword Detection: Identifies common phishing and scam keywords

All these checks happen instantly on your device, without any external communication.

Technical Details

Architecture

LegitGuard is built as a Safari Web Extension using:

  • Safari Web Extensions API: Native macOS Safari integration
  • JavaScript (ES6+): Modern JavaScript for pattern detection algorithms
  • Local Processing: All analysis runs in the browser extension context
  • No External Dependencies: No external libraries or services required

Detection Algorithms

Our detection algorithms use various techniques:

  • Pattern Matching: Regular expressions and string analysis
  • Levenshtein Distance: Edit distance algorithm for typosquatting detection
  • Statistical Analysis: Character frequency and pattern analysis for random string detection
  • Rule-Based Checks: Domain structure and URL pattern analysis
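
The following added example is not LegitGuard's own code; it shows how the Levenshtein-based typosquatting check and the mixed-script check described above can run locally in JavaScript with no network access. The brand list, the distance thresholds and the function names are assumptions made for illustration.

```javascript
// Constructed brand list for illustration; not LegitGuard's actual 64+ brand database.
const BRANDS = ["paypal", "google", "amazon", "microsoft", "apple"];

// Classic dynamic-programming edit distance, keeping only two rows in memory.
function levenshtein(a, b) {
  let prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    const cur = [i];
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      cur[j] = Math.min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost);
    }
    prev = cur;
  }
  return prev[b.length];
}

// Scripts used by the letters of one label (digits and hyphens are ignored).
function scriptsIn(label) {
  const found = new Set();
  for (const ch of label) {
    if (/\p{Script=Latin}/u.test(ch)) found.add("Latin");
    else if (/\p{Script=Cyrillic}/u.test(ch)) found.add("Cyrillic");
    else if (/\p{Script=Greek}/u.test(ch)) found.add("Greek");
    else if (/\p{L}/u.test(ch)) found.add("Other");
  }
  return [...found];
}

// hostname must be in Unicode form: URL.hostname returns punycode ("xn--...")
// for internationalized names, so decode it before calling this function.
function analyzeHostname(hostname) {
  const findings = [];
  const labels = hostname.toLowerCase().split(".");
  // Assumption: the brand-bearing name is the label before the TLD
  // (no public-suffix list, so "example.co.uk" is not handled here).
  const name = labels.length > 1 ? labels[labels.length - 2] : labels[0];
  if (labels.some((l) => scriptsIn(l).length > 1)) findings.push("mixed-script");
  for (const brand of BRANDS) {
    const d = levenshtein(name, brand);
    // Distance 0 is the brand itself; allow 2 edits only for longer brands
    // to keep false positives down on short names.
    const limit = brand.length >= 8 ? 2 : 1;
    if (d > 0 && d <= limit) findings.push(`typosquat:${brand}`);
  }
  return findings;
}
```

A homoglyph substitution such as a Cyrillic "а" inside "paypal" triggers both findings, which is why the two checks are shown together.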

Performance

LegitGuard is designed for speed:

  • Analysis Time: Typically completes in under 100ms
  • Memory Usage: Minimal - only processes current page URL
  • Battery Impact: Negligible - only runs when you click the icon
  • Network Usage: Zero - no network requests

Limitations

Pattern-Based Detection

LegitGuard uses pattern-based detection, which means:

  • Not 100% Accurate: May occasionally flag legitimate sites (false positives) or miss sophisticated attacks (false negatives)
  • Heuristic-Based: Relies on patterns and heuristics rather than a comprehensive database
  • No Real-Time Threat Intelligence: Doesn't use external threat feeds or blacklists

Use as a Tool

LegitGuard should be used as:

  • A tool to assist in making informed decisions
  • One factor in your security evaluation process
  • A way to identify obvious threats quickly

It should not be used as:

  • The sole basis for security decisions
  • A replacement for antivirus software
  • A guarantee of website safety

Our Commitment

Privacy First

We're committed to protecting your privacy. LegitGuard:

  • Never collects browsing data
  • Never sends information to external servers
  • Never uses tracking or analytics
  • Never requires user accounts

Continuous Improvement

We're constantly working to improve LegitGuard:

  • Refining detection algorithms based on feedback
  • Adding new security checks
  • Improving accuracy while maintaining privacy
  • Expanding brand protection database

Transparency Policy

We believe in being transparent about:

  • How our detection algorithms work
  • What data we access (minimal - current tab URL only)
  • What we do with that data (nothing - local processing only)
  • Our limitations and capabilities

Future Development

We have plans to enhance LegitGuard while maintaining our privacy-first approach:

  • Additional security checks
  • Expanded brand database
  • Improved detection accuracy
  • Enhanced user interface
  • Performance optimizations

Contact

To learn more about LegitGuard:

Acknowledgments

LegitGuard is built with inspiration from the security research community and privacy advocates who believe that security and privacy can coexist.


LegitGuard: Protecting your security without compromising your privacy.

-- Version 1.0 - December 2025 --