Clickfix Mitigator

ClickFix Mitigator is a defensive browser extension that helps prevent social-engineering attacks commonly known as ClickFix.

It detects suspicious on-page instruction flows (such as fake “Win+R / Win+X + paste” prompts), clipboard-command mismatch behavior, and related high-risk indicators before execution.

Key extension features:

Real-time detection of ClickFix-like interaction patterns.
Clipboard threat analysis for suspicious command payloads and obfuscation.
Domain allow/block controls to tune protection by environment.
Optional script-execution lock on blocked pages, with temporary allow options (“allow once” / “allow this session”).
Manual report support for suspicious pages and events.
ClickFix Mitigator also integrates with a web platform for security operations:

Centralized alert triage with verdicts (pending, accepted, rejected) and bulk review actions.
Event timeline, grouped domain activity, recurrence markers, and related-alert exploration.
Evidence workflow with screenshots (after from extension + server-generated before snapshot), including admin approval.
Investigation workspace with role-based access and analyst workflows.
Extension messaging and policy controls for managed environments.
This project is built for defensive security use: reduce accidental command execution, improve visibility, and speed up incident response.

Analyst Registration: https://clickfix.jordiserrano.me