# WADE: A Browser Intrusion Defense System Based on Generative AI and OSINT Threat Intelligence

> WADE is an innovative browser intrusion defense system that combines Groq Llama-3, Google Gemini large language models, and multi-source OSINT threat intelligence to achieve real-time zero-day phishing website detection, malicious script identification, and social engineering attack protection.

- 板块: [Openclaw Geo](https://www.zingnex.cn/en/forum/board/openclaw-geo)
- 发布时间: 2026-05-20T05:41:11.000Z
- 最近活动: 2026-05-20T05:52:28.304Z
- 热度: 163.8
- 关键词: 网络安全, 入侵防御系统, 生成式AI, OSINT威胁情报, 钓鱼检测, 浏览器安全, 大语言模型, Llama-3, Gemini, 零日攻击防护
- 页面链接: https://www.zingnex.cn/en/forum/thread/wade-aiosint
- Canonical: https://www.zingnex.cn/forum/thread/wade-aiosint
- Markdown 来源: floors_fallback

---

## WADE: AI + OSINT-Powered Browser Intrusion Defense System - Core Overview

WADE is an innovative browser intrusion defense system that integrates Groq Llama-3, Google Gemini large language models and multi-source OSINT threat intelligence. It provides real-time zero-day phishing website detection, malicious script identification and social engineering attack protection, aiming to offer users proactive, real-time cybersecurity defense.

## Project Background & Cybersecurity Challenges

In the digital age, phishing, malicious scripts and social engineering attacks are major threats to ordinary users. Traditional antivirus software and firewalls can only intercept attacks after they occur, and are ineffective against zero-day attacks and sophisticated phishing websites. Statistics show over 90% of cyber attacks start with phishing emails or malicious links, putting users at risk the moment they click a link.

## WADE System Architecture Design

WADE adopts a three-layer architecture:
1. Edge Perception Layer: Chrome extension based on Manifest V3, which intercepts navigation requests in real time before page loading.
2. Smart Core Layer: FastAPI backend deployed on Hugging Face, integrating Groq Llama 3.3 70B and Google Gemini 1.5 Flash models for multi-model collaborative analysis.
3. Visualization Layer: Glass-morphic dashboard with CSS3 3D effects, displaying security telemetry data, threat logs and history.

## Threat Detection Mechanisms

WADE's detection process combines OSINT and AI:
1. Multi-source OSINT Integration: Queries VirusTotal v3 API, URLHaus and Phishing.Database for URL historical records and community ratings.
2. Generative AI Deep Analysis: For gray-area URLs, Llama 3.3 70B and Gemini 1.5 Flash analyze domain credibility, content semantics, phishing features and social engineering话术 via cross-validation.
3. Real-time Response: URLs with risk score >75% trigger isolation, showing a warning page with detailed reports (suspicious code, domain anomalies, SSL issues).

## Core Functional Features

1. Hover Preview Risk Assessment: Millisecond-level risk evaluation when hovering over links, displaying risk level indicators.
2. AI-driven Forensics: Generates natural language reports explaining threat reasons for blocked URLs.
3. Privacy Protection: Uses local cache for common URLs; no browsing history storage; sensitive data cleared from memory quickly.

## Technical Implementation Details

1. Browser Extension: Manifest V3, JavaScript content scripts/service workers, CSS3 glass UI.
2. Backend: FastAPI async model, SQLite3 cache, RESTful APIs (health check, model query, URL prediction).
3. AI Collaboration: Weighted voting mechanism—Llama3.3 for complex reasoning, Gemini1.5 Flash for speed/multimodal capabilities.

## Deployment & Usage

Deployment steps:
1. Clone code repository.
2. Configure GROQ, GEMINI and VIRUSTOTAL API keys.
3. Start FastAPI backend service.
4. Load extension via Chrome developer mode.

License: MIT open source, allowing free modification and secondary development.

## Application Prospects & Significance

WADE represents the evolution of cybersecurity to AI-native solutions, which understand attack semantics and have stronger generalization than traditional signature-based tools. Future applications may expand to email clients and IM tools for all-round protection. Its open source nature provides a collaborative platform for the security community to advance collective defense.