Most phishing tools still rely on sending your data to the cloud.
That means your “security solution” is often just another data collection point.
So I built one that doesn’t do that at all.
Building FoilSuite: A Privacy-First Security Toolkit for the Browser and IoT
As developers, we constantly trade security for convenience.
We trust browsers to auto-fill credentials.
We rely on centralized APIs to detect threats.
We assume IoT devices will “just work” securely.
But most of these assumptions break at the edge — where devices are constrained, attackers are creative, and privacy is usually an afterthought.
That’s what led me to build FoilSuite.
🧠 Background
My PhD research at Singidunum University focused on secure communication models for constrained IoT devices using blockchain-based trust mechanisms.
The core idea was:
How do we enable tamper-resistant, decentralized communication between constrained devices without relying on a central authority?
That research naturally expanded into a broader question:
What does security look like when you remove trust in external infrastructure entirely?
🧩 The idea behind FoilSuite
FoilSuite is a set of open-source, privacy-first security tools designed around three principles:
- Everything runs locally when possible
- No external dependency for core security decisions
- Cryptographic guarantees over heuristic trust
It currently consists of three tools:
🛡️ FoilGuard — On-device phishing detection
FoilGuard is a Chrome extension that detects:
- phishing domains
- typosquatting
- homoglyph / Unicode impersonation attacks
- newly registered suspicious domains
Key design decision:
All detection logic runs entirely inside the browser.
No API calls. No telemetry. No accounts.
The goal is simple:
Your browsing data should never leave your device just to keep you safe.
🔐 FoilVault — Zero-knowledge password manager with risk-aware autofill
FoilVault is a password manager built on a zero-knowledge architecture.
But it adds something most password managers don’t:
Before autofilling, it scores the current domain with FoilGuard's detection engine.
If the domain is suspicious:
- autofill is blocked
- credentials are never exposed to the page, so a look-alike domain cannot harvest them
Most credential theft does not happen through brute force. It happens through deception: a convincing look-alike login page that the user, or an over-eager autofill, hands the password to.
FoilVault is designed specifically to counter that.
🧪 FoilLab — Hands-on security lab
FoilLab is a weekly security challenge platform focused on real-world attack scenarios:
- pcap network analysis
- IoT firmware reverse engineering
- log forensics
- incident reconstruction
Each challenge is based on realistic attack patterns, followed by full walkthroughs.
The goal:
Move from theoretical security knowledge → actual attacker/defender thinking.
🔗 What connects all of this?
All three tools share the same philosophy:
- local-first execution
- privacy-preserving design
- cryptographic primitives (AES-256-GCM, Argon2id, WebAuthn)
- open-source by default
But more importantly:
They assume the browser and endpoint are part of the attack surface — not a trusted environment.
🚀 Why I built it
Most security tools today fall into two extremes:
- enterprise platforms that are powerful but opaque
- lightweight extensions that are simple but shallow
FoilSuite is an attempt to sit in the middle:
developer-friendly, privacy-first, and grounded in real security engineering.
🌐 Project
🔗 https://foilsuite.netlify.app/
The project is open source; feedback and contributions are welcome.
🧭 Final thoughts
Security is not just about detection.
It’s about where decisions are made.
If your security model depends on sending sensitive data to a server, you’ve already expanded your attack surface.
That assumption is what FoilSuite tries to challenge.