# About

## What is Check?

**Check** is a browser extension that provides real-time protection against Microsoft 365 phishing attacks.

Specifically designed for enterprises and managed service providers, Check uses sophisticated detection algorithms to identify and block malicious login pages before credentials can be stolen by bad actors.

Check is available for **Chrome**, **Microsoft Edge**, and **Firefox** (109+ <mark style="color:orange;">Coming Soon!</mark>).

The extension integrates seamlessly with existing security workflows, offering centralized management, comprehensive logging, and offers an optional CIPP integration for MSPs managing multiple Microsoft 365 tenants.

Check is completely free, open source, and can be delivered to users completely white-label, it is an open-source project licensed under AGPL-3. You can contribute to check at <https://github.com/cyberdrain/Check>.

Installing the plugin immediately gives you protection against AITM attacks and takes seconds. Click the install button and you're good to go.

<a href="https://microsoftedge.microsoft.com/addons/detail/check-by-cyberdrain/knepjpocdagponkonnbggpcnhnaikajg" class="button primary">Install for Edge</a> **OR** <a href="https://chromewebstore.google.com/detail/benimdeioplgkhanklclahllklceahbe" class="button primary">Install for Chrome</a> **OR** <a href="readme" class="button secondary">Firefox (Coming Soon!)</a>

## Why was Check created?

Check was created out of a need to have better protection against AITM attacks. During a CyberDrain brainstorming session CyberDrain's lead dev came up with the idea to create a Chrome extension to protect users:

<figure><img src="https://3839320335-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FFtDhotz26LyzVUTgqw4L%2Fuploads%2F8enenniPVDeUb9GmvLaJ%2Fimage.png?alt=media&#x26;token=ec56eabe-4cbf-42a5-8e30-367090f77d35" alt=""><figcaption></figcaption></figure>

This led to a hackathon in which the team crafted a proof of concept. This proof of concept led to the creation of Check by CyberDrain. CyberDrain decided to offer Check as a free to use community resource, for everyone.

### What information does Check collect?

Nothing. We're not even kidding, we don't collect any data at all. You can set up a CIPP reporting server if you'd like, but this reports directly to your own environment. CyberDrain doesn't believe in making their users a product. We don't sell or collect any information.

## How does it look?

When a user gets the plugin added, a new icon will appear, this icon is [brandable](https://docs.check.tech/settings/branding) to customize it to your own logo and name.

<figure><img src="https://3839320335-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FFtDhotz26LyzVUTgqw4L%2Fuploads%2FrFdi03C0W1QZ2EzGw0IK%2Fimage.png?alt=media&#x26;token=5fb72d17-ac31-41be-8c11-6e04ff9bf7eb" alt=""><figcaption></figcaption></figure>

When visiting a page that is suspect, but our certainty if the page is phishing is too low we'll show a banner on the page to warn users, if we're sure about the page being an AITM or phishing attack, we'll block the page entirely:

<figure><img src="https://3839320335-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FFtDhotz26LyzVUTgqw4L%2Fuploads%2FQizUlCQqdn0ywPB2ZaDm%2Fimage.png?alt=media&#x26;token=981d0905-a0ea-4bc6-ae7d-1f6b9e330aa3" alt=""><figcaption></figcaption></figure>

This too is completely [brandable](https://docs.check.tech/settings/branding), and can be made to match company colours. The Contact Admin button is a mailto: link that contains the information about what page the user tried to visit, including a defanged URL.