Firefox extension now live — Chrome coming soon

Browser security
that trusts
nothing.

ZeroTrust by MRichard333 enforces Zero Trust architecture at the browser level — scanning links for phishing, blocking trackers, and verifying every connection before it reaches your session. Free. No ads. No data sold.

The Firefox extension is now officially live! The Chrome version is pending final store approval. Meanwhile, the full Link Scanner and Dashboard are free to use right now.

Try Link Scanner Free Open Dashboard

Firefox Extension is Live!

Available now on Mozilla Add-ons. The Chrome version has been submitted and is pending final approval.

Non-profit org

600K+ threat feeds

Always free core tools

SiteLock certified

Dashboard Tools

Everything in the
ZeroTrust suite.

Six diagnostic tools built for real-world threat detection. Free tier includes Link Forensics, Security Audit, and Entropy Calculator — no registration required.

Free

🔗 Link Forensics

Detect phishing, obfuscation, and malware before you click. Follows the full redirect chain, inspects SSL, headers, DNS, cookies, and calculates a 0–100 safety score.

Free

🛡️ Security Audit

Interactive checklist that grades your personal or organizational defense posture against hackers. Get an instant risk score with actionable recommendations.

Free

⚡ Entropy Calculator

Test your password strength against AI brute-force attacks. Calculates entropy bits and estimates real-world crack time against modern hardware.

🚨 Identity Breach Audit

Audit your registered email against major data breaches and dark web exposure databases. Know before attackers exploit your leaked credentials.

Premium

🔎 CVE Scanner

Deep-scan your domain for known, unpatched software vulnerabilities listed in the NIST database. Identify exploitable entry points before threat actors do.

📊 History & Trends

Store scan results and track your security trends over time. Free accounts retain history for 30 days. Display a live security score badge on your own website.

Link Scanner Capabilities

Six layers of
forensic analysis.

The ZeroTrust hybrid engine runs server-side so it can inspect what your browser cannot — SSL certificates, HTTP headers, DNS records, and the full redirect chain.

Phishing Detection

Keyword scoring flags urgency language, suspicious TLDs, and lookalike domains. Missing SSL (-30 pts) and blacklisted IPs (-20 pts) penalize the safety score immediately.

92% phishing detection rate

Tracker & Cookie Analysis

Canvas fingerprinting, pixel beacons, and cross-site tracking pixels silently flagged. Insecure cookies (stealable over WiFi) and third-party ad trackers identified on every scan.

98% tracker identification

Redirect Chain Analysis

Link shorteners and multi-hop redirects are a favourite attacker technique. ZeroTrust follows every hop to reveal the true final destination — before you click.

100% redirect chain visibility

Security Headers Audit

Every scan checks for HSTS, CSP, X-Frame-Options, and other critical response headers. Present headers boost the safety score; absent ones raise red flags.

87% header coverage scored

DNS & Network Intel

MX, SPF, DMARC, and DNSSEC records checked server-side. IP geolocation, ISP identification, and blacklist status from multiple threat intelligence feeds cross-referenced.

100% server-side DNS inspection

SSL & Certificate Pinning

Certificate validity, expiry, issuer, and pin matching verified for every scan. MITM attacks and SSL stripping attempts are flagged even when your OS CA store is compromised.

95% MITM detection rate

Hybrid Engine

How ZeroTrust
scans a link.

Unlike browser extensions that only see what your browser sees, ZeroTrust's server-side engine at mrichard333.com reaches further — inspecting headers, DNS, and certificates your browser can't access directly.

Submit URL

Paste any link into the Link Forensics scanner. The URL is sent to scan_engine.php on MRichard333's secure cloud — never stored or profiled against you.

Deep Inspect

The hybrid engine follows the full redirect chain, fetches SSL certs, reads HTTP security headers, queries DNS records, and checks 600K+ threat intelligence feeds.

Score & Flag

A weighted 0–100 safety score is calculated. Phishing keywords, missing SSL, blacklisted IPs, and insecure cookies each carry specific score penalties.

Report & Export

Full results shown across Overview, Threats, Security, Technology, Privacy, and Network tabs. Export as JSON or generate a live embed badge for your own website.

zerotrust · scan_engine.php · link-forensics

$ zerotrust --scan https://example-url.com --verbose

[14:22:01] Engine V3.4 · 600K+ threat feeds loaded · Hybrid mode active

[14:22:03] WARN Phishing keyword score: -15 · urgency language detected

[14:22:05] BLOCK Canvas fingerprint probe · fb.com pixel · tracker flagged

[14:22:07] PASS SSL cert valid · HSTS present · Safety Score: 94/100

FAQ

Common questions
answered.

How does ZeroTrust's Hybrid Engine work?

ZeroTrust uses a server-side engine (scan_engine.php) that pings the target website from MRichard333's secure cloud. This lets the engine inspect SSL certificates, HTTP headers, and DNS records that your browser cannot access directly due to CORS and security restrictions — making it far more thorough than a browser-only tool.

How is the 0–100 Safety Score calculated?

The score uses a weighted algorithm. Points are deducted for missing SSL (-30), phishing keywords (-40), and blacklisted IPs (-20). Scores are boosted for valid security headers like HSTS and CSP, and for long-established domain ages. The final score reflects the overall trustworthiness of the destination.

What is Redirect Chain Analysis and why does it matter?

Attackers often hide a malicious final destination behind link shorteners or multiple redirects. ZeroTrust follows every hop in the redirect chain. If a link starts at tinyurl.com but ends at malware-site.ru, you'll see the full path and the true final destination before clicking anything.

Is my data and scan history private?

Yes. ZeroTrust operates on an anonymized processing model. Connection IPs are logged strictly for DDoS protection and legal compliance — they are never linked to the specific URLs you scan. No user profiles are built from scan history. Free account history is automatically deleted after 30 days.

Is ZeroTrust really free? Are there any ads?

The core tools — Link Forensics, Security Audit, and Entropy Calculator — are free with no ads, forever. MRichard333 is a non-profit organization. A premium tier unlocks unlimited scans, the Early Warning System API, the CVE Scanner, and unlimited scan history retention.

Get started free

The Firefox extension is live.
Chrome is coming soon.

Get the official ZeroTrust extension for Firefox today. The Chrome version is currently pending final store approval. Or, use the web suite right now.

Chrome PENDING

Awaiting Chrome Web Store approval

Firefox LIVE

Available on Mozilla Add-ons

USE THE WEB TOOLS NOW

Link Forensics Scanner LIVE

Free · No login required · Production V3.4

Full Dashboard LIVE

CVE Scanner · Breach Audit · History · Site Badges

✓ Free core tools ✓ No ads, ever ✓ 600K+ threat feeds ✓ Non-profit organization ✓ SiteLock & DMCA protected