// tools

Zero Day Collective — Open Source Projects

SessionSentinel

A browser extension for Chrome (Manifest V3) and Firefox (Manifest V2) that monitors session tokens and authentication cookies to detect suspicious account activity. Catches session hijacking, token replay attacks, and concurrent session usage across browser profiles. Includes built-in patterns for GitHub, Google, Facebook, X/Twitter, Amazon, and Microsoft, with support for custom site patterns and configurable alert sensitivity. Token values are never stored in plaintext — only SHA-256 hashes persist locally with no external network requests.

View Repository

Vitiate

A Manifest V3 browser extension that poisons behavioral telemetry and reduces biometric signal quality used by automated scraping and profiling systems. Intercepts high-signal browser events (mousemove, click, keydown, scroll, submit), injects synthetic noise with intensity-aware profiles, obfuscates keystroke timing fingerprints, sanitizes likely PII patterns in form and paste flows, and poisons common canvas and WebGL fingerprinting paths. Runs entirely locally with per-domain control over protection intensity and a live popup dashboard tracking session and lifetime metrics.

View Repository

Redd-Eye

A browser extension for Reddit (Chrome MV3 and Firefox) that flags AI-generated content and highlights accounts matching bot behavior patterns. Combines AI-writing heuristics — low burstiness, over-formal phrasing, repetitive linguistic patterns — with bot-account detection based on username and behavioral signals. Adds confidence-scored visual highlights while you browse, with detailed score breakdowns on hover and configurable AI and bot sensitivity thresholds to tune false-positive/false-negative balance.

View Repository