Serious Discussion [Extension] Symantec browser protection(Symantec intelligence)

[Vitali Ortzi]

seems like it uses web pulse( you can verify by seeing every link and script etc inside the page being sent to https://ent-shasta-rrs.symantec.com/webpulse/* by a GET request ) and to modify defaults to add more categories or set threat by changing (category_ids), (threat_level)

the defaults are basically using only catagory based detection and set to malware , pishing only and they used these defaults to have the lowest amount of false positives possible on their end
but if anyone has time to modify the extension i would recommend setting threat_level to between 10-8

here you can read about risk threat Categories Are Useful, But It Is Time For Risk Levels and here is a whitepaper about the tech used in webpulse https://docs.broadcom.com/doc/webpulse-en

 

[Vitali Ortzi]

blocks sites undetected by norton

 

[Vitali Ortzi]

list of categories

{

  "1": {
    "message": "Adult/Mature Content"
  },
  "3": {
    "message": "Pornography"
  },
  "4": {
    "message": "Sex Education"
  },
  "5": {
    "message": "Intimate Apparel/Swimsuit"
  },
  "6": {
    "message": "Nudity"
  },
  "7": {
    "message": "Gore/Extreme"
  },
  "9": {
    "message": "Scam/Questionable Legality"
  },
  "11": {
    "message": "Gambling"
  },
  "14": {
    "message": "Violence/Intolerance"
  },
  "15": {
    "message": "Weapons"
  },
  "16": {
    "message": "Abortion"
  },
  "17": {
    "message": "Hacking"
  },
  "18": {
    "message": "Phishing"
  },
  "20": {
    "message": "Entertainment"
  },
  "21": {
    "message": "Business/Economy"
  },
  "22": {
    "message": "Alternative Spirituality/Belief"
  },
  "23": {
    "message": "Alcohol"
  },
  "24": {
    "message": "Tobacco"
  },
  "25": {
    "message": "Controlled Substances"
  },
  "26": {
    "message": "Child Pornography"
  },
  "27": {
    "message": "Education"
  },
  "29": {
    "message": "Charitable/Non-Profit"
  },
  "30": {
    "message": "Art/Culture"
  },
  "31": {
    "message": "Finance"
  },
  "32": {
    "message": "Brokerage/Trading"
  },
  "33": {
    "message": "Games"
  },
  "34": {
    "message": "Government/Legal"
  },
  "35": {
    "message": "Military"
  },
  "36": {
    "message": "Political/Social Advocacy"
  },
  "37": {
    "message": "Health"
  },
  "38": {
    "message": "Technology/Internet"
  },
  "40": {
    "message": "Search Engines/Portals"
  },
  "43": {
    "message": "Malicious Sources/Malnets"
  },
  "44": {
    "message": "Malicious Outbound Data/Botnets"
  },
  "45": {
    "message": "Job Search/Careers"
  },
  "46": {
    "message": "News"
  },
  "47": {
    "message": "Personals/Dating"
  },
  "49": {
    "message": "Reference"
  },
  "50": {
    "message": "Mixed Content/Potentially Adult"
  },
  "51": {
    "message": "Chat (IM)/SMS"
  },
  "52": {
    "message": "Email"
  },
  "53": {
    "message": "Newsgroups/Forums"
  },
  "54": {
    "message": "Religion"
  },
  "55": {
    "message": "Social Networking"
  },
  "56": {
    "message": "File Storage/Sharing"
  },
  "57": {
    "message": "Remote Access"
  },
  "58": {
    "message": "Shopping"
  },
  "59": {
    "message": "Auctions"
  },
  "60": {
    "message": "Real Estate"
  },
  "61": {
    "message": "Society/Daily Living"
  },
  "63": {
    "message": "Personal Sites"
  },
  "64": {
    "message": "Restaurants/Food"
  },
  "65": {
    "message": "Sports/Recreation"
  },
  "66": {
    "message": "Travel"
  },
  "67": {
    "message": "Vehicles"
  },
  "68": {
    "message": "Humor/Jokes"
  },
  "71": {
    "message": "Software Downloads"
  },
  "83": {
    "message": "Peer-to-Peer (P2P)"
  },
  "84": {
    "message": "Audio/Video Clips"
  },
  "85": {
    "message": "Office/Business Applications"
  },
  "86": {
    "message": "Proxy Avoidance"
  },
  "87": {
    "message": "For Kids"
  },
  "88": {
    "message": "Web Ads/Analytics"
  },
  "89": {
    "message": "Web Hosting"
  },
  "90": {
    "message": "Uncategorized"
  },
  "92": {
    "message": "Suspicious"
  },
  "95": {
    "message": "Translation"
  },
  "96": {
    "message": "Web Infrastructure"
  },
  "97": {
    "message": "Content Delivery Networks"
  },
  "98": {
    "message": "Placeholders"
  },
  "101": {
    "message": "Spam"
  },
  "102": {
    "message": "Potentially Unwanted Software"
  },
  "103": {
    "message": "Dynamic DNS Host"
  },
  "104": {
    "message": "URL Shorteners"
  },
  "105": {
    "message": "Email Marketing"
  },
  "106": {
    "message": "E-Card/Invitations"
  },
  "107": {
    "message": "Informational"
  },
  "108": {
    "message": "Computer/Information Security"
  },
  "109": {
    "message": "Internet Connected Devices"
  },
  "110": {
    "message": "Internet Telephony"
  },
  "111": {
    "message": "Online Meetings"
  },
  "112": {
    "message": "Media Sharing"
  },
  "113": {
    "message": "Radio/Audio Streams"
  },
  "114": {
    "message": "TV/Video Streams"
  },
  "116": {
    "message": "Cloud Infrastructure"
  },
  "117": {
    "message": "Cryptocurrency"
  },
  "118": {
    "message": "Piracy/Copyright Concerns"
  },
  "119": {
    "message": "Generative AI"
  },
  "121": {
    "message": "Marijuana"
  },
  "124": {
    "message": "Compromised Sites"
  }
}

recommended settings

categoryLevels:{categoryLevels:{92:100,18:100,43:100,44:100,124:100,98:100}

 

[Vitali Ortzi]

list of categories

{

  "1": {
    "message": "Adult/Mature Content"
  },
  "3": {
    "message": "Pornography"
  },
  "4": {
    "message": "Sex Education"
  },
  "5": {
    "message": "Intimate Apparel/Swimsuit"
  },
  "6": {
    "message": "Nudity"
  },
  "7": {
    "message": "Gore/Extreme"
  },
  "9": {
    "message": "Scam/Questionable Legality"
  },
  "11": {
    "message": "Gambling"
  },
  "14": {
    "message": "Violence/Intolerance"
  },
  "15": {
    "message": "Weapons"
  },
  "16": {
    "message": "Abortion"
  },
  "17": {
    "message": "Hacking"
  },
  "18": {
    "message": "Phishing"
  },
  "20": {
    "message": "Entertainment"
  },
  "21": {
    "message": "Business/Economy"
  },
  "22": {
    "message": "Alternative Spirituality/Belief"
  },
  "23": {
    "message": "Alcohol"
  },
  "24": {
    "message": "Tobacco"
  },
  "25": {
    "message": "Controlled Substances"
  },
  "26": {
    "message": "Child Pornography"
  },
  "27": {
    "message": "Education"
  },
  "29": {
    "message": "Charitable/Non-Profit"
  },
  "30": {
    "message": "Art/Culture"
  },
  "31": {
    "message": "Finance"
  },
  "32": {
    "message": "Brokerage/Trading"
  },
  "33": {
    "message": "Games"
  },
  "34": {
    "message": "Government/Legal"
  },
  "35": {
    "message": "Military"
  },
  "36": {
    "message": "Political/Social Advocacy"
  },
  "37": {
    "message": "Health"
  },
  "38": {
    "message": "Technology/Internet"
  },
  "40": {
    "message": "Search Engines/Portals"
  },
  "43": {
    "message": "Malicious Sources/Malnets"
  },
  "44": {
    "message": "Malicious Outbound Data/Botnets"
  },
  "45": {
    "message": "Job Search/Careers"
  },
  "46": {
    "message": "News"
  },
  "47": {
    "message": "Personals/Dating"
  },
  "49": {
    "message": "Reference"
  },
  "50": {
    "message": "Mixed Content/Potentially Adult"
  },
  "51": {
    "message": "Chat (IM)/SMS"
  },
  "52": {
    "message": "Email"
  },
  "53": {
    "message": "Newsgroups/Forums"
  },
  "54": {
    "message": "Religion"
  },
  "55": {
    "message": "Social Networking"
  },
  "56": {
    "message": "File Storage/Sharing"
  },
  "57": {
    "message": "Remote Access"
  },
  "58": {
    "message": "Shopping"
  },
  "59": {
    "message": "Auctions"
  },
  "60": {
    "message": "Real Estate"
  },
  "61": {
    "message": "Society/Daily Living"
  },
  "63": {
    "message": "Personal Sites"
  },
  "64": {
    "message": "Restaurants/Food"
  },
  "65": {
    "message": "Sports/Recreation"
  },
  "66": {
    "message": "Travel"
  },
  "67": {
    "message": "Vehicles"
  },
  "68": {
    "message": "Humor/Jokes"
  },
  "71": {
    "message": "Software Downloads"
  },
  "83": {
    "message": "Peer-to-Peer (P2P)"
  },
  "84": {
    "message": "Audio/Video Clips"
  },
  "85": {
    "message": "Office/Business Applications"
  },
  "86": {
    "message": "Proxy Avoidance"
  },
  "87": {
    "message": "For Kids"
  },
  "88": {
    "message": "Web Ads/Analytics"
  },
  "89": {
    "message": "Web Hosting"
  },
  "90": {
    "message": "Uncategorized"
  },
  "92": {
    "message": "Suspicious"
  },
  "95": {
    "message": "Translation"
  },
  "96": {
    "message": "Web Infrastructure"
  },
  "97": {
    "message": "Content Delivery Networks"
  },
  "98": {
    "message": "Placeholders"
  },
  "101": {
    "message": "Spam"
  },
  "102": {
    "message": "Potentially Unwanted Software"
  },
  "103": {
    "message": "Dynamic DNS Host"
  },
  "104": {
    "message": "URL Shorteners"
  },
  "105": {
    "message": "Email Marketing"
  },
  "106": {
    "message": "E-Card/Invitations"
  },
  "107": {
    "message": "Informational"
  },
  "108": {
    "message": "Computer/Information Security"
  },
  "109": {
    "message": "Internet Connected Devices"
  },
  "110": {
    "message": "Internet Telephony"
  },
  "111": {
    "message": "Online Meetings"
  },
  "112": {
    "message": "Media Sharing"
  },
  "113": {
    "message": "Radio/Audio Streams"
  },
  "114": {
    "message": "TV/Video Streams"
  },
  "116": {
    "message": "Cloud Infrastructure"
  },
  "117": {
    "message": "Cryptocurrency"
  },
  "118": {
    "message": "Piracy/Copyright Concerns"
  },
  "119": {
    "message": "Generative AI"
  },
  "121": {
    "message": "Marijuana"
  },
  "124": {
    "message": "Compromised Sites"
  }
}

recommended settings

categoryLevels:{categoryLevels:{92:100,18:100,43:100,44:100,124:100,98:100}

i don't use uncategorized blocking in symantec as i have it set in checkpoint it has less false positives and when i tested symantec it even blocked google in uncategorized XD

 

[Artificial intelligence]

Hello, how can I configure this extension?

 

[Vitali Ortzi]

Hello, how can I configure this extension?

it doesn't have options to configure it you got to modify the extension via an ide ,text editor that's what i did to unlock features (SBP.js)
you put the number of the category you want block and then add :100


for example i used this categoryLevels:{categoryLevels:{92:100,18:100,43:100,44:100,124:100,98:100}

92 is Suspicious and 18 is Phishing and 43 is Malicious Sources/Malnets 44 is Malicious Outbound Data/Botnets 124 is Compromised Sites 98 is Placeholders




anyway i probably will add for myself more categories like 101 ,102

if you need help feel free to dm me

 

[Zartarra]

You can find the SBP.js file in the Edge profile location (C:\Users\<username>\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\<extensionname>\<version>).

 

[SeriousHoax]

Yeah, it blocks far more than the Norton extension. I tested this when the extension was first released some months ago. But the thing is, many things that it blocks used to be blocked by the Norton extension also as recent as last year. But later the Norton extension became weaker. Now it mainly checks the host domain while in the past it used to block third-party blacklisted connection attempts also.
But it should be mentioned that the old Norton extension never had any impact on browsing speed in my test while the Symantec Extension has performance impact as well as high CPU usage.

 

[Vitali Ortzi]

Yeah, it blocks far more than the Norton extension. I tested this when the extension was first released some months ago. But the thing is, many things that it blocks used to be blocked by the Norton extension also as recent as last year. But later the Norton extension became weaker. Now it mainly checks the host domain while in the past it used to block third-party blacklisted connection attempts also.
But it should be mentioned that the old Norton extension never had any impact on browsing speed in my test while the Symantec Extension has performance impact as well as high CPU usage.

Interesting I haven't noticed high CPU usage using Symantec on my low end laptop
Btw I assume Symantec is using the enterprise intelligence (maybe newer versions of web pluse etc )
And when you add categories like suspicious it catches a ton more malicious sites and seems to block nearly everything checkpoint misses but I will definitely look into the extension performance impact
Is there any good tool to measure extension performance so far I'm using browser task manager and it uses less resources then some extensions like Malwarebytes but far more then emsisoft , defender from my experience and yes there is impact to browsing speed

 

[Vitali Ortzi]

Yeah, it blocks far more than the Norton extension. I tested this when the extension was first released some months ago. But the thing is, many things that it blocks used to be blocked by the Norton extension also as recent as last year. But later the Norton extension became weaker. Now it mainly checks the host domain while in the past it used to block third-party blacklisted connection attempts also.
But it should be mentioned that the old Norton extension never had any impact on browsing speed in my test while the Symantec Extension has performance impact as well as high CPU usage.

i was wrong it doesn't even use webpulse as norton safe web is avast XD

 

[Artificial intelligence]

it doesn't have options to configure it you got to modify the extension via an ide ,text editor that's what i did to unlock features (SBP.js)
you put the number of the category you want block and then add :100


for example i used this categoryLevels:{categoryLevels:{92:100,18:100,43:100,44:100,124:100,98:100}

92 is Suspicious and 18 is Phishing and 43 is Malicious Sources/Malnets 44 is Malicious Outbound Data/Botnets 124 is Compromised Sites 98 is Placeholders




anyway i probably will add for myself more categories like 101 ,102

if you need help feel free to dm me

Thank you so much, This explanation helped me a lot, and with the categories you posted I already know how to configure it. Serious Discussion - [Extension] Symantec browser protection(Symantec intelligence) Thank you again

 

[Artificial intelligence]

You can find the SBP.js file in the Edge profile location (C:\Users\<username>\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\<extensionname>\<version>).

Thank you for helping me locate the SBP.js file, in my case it was in (C:\Users\<username>\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\<extensionname>\<version>). Your guide served as a reference for me to search and locate it on my own, thank you thank you thank you

 

[Trooper]

Ooo this looks interesting. So how do I go about modifying it with the categories as was mentioned previously? Thanks in advance.

 

[Artificial intelligence]

I am making a mistake, after applying the modification, edge tells me that the extension was damaged

 

[Vitali Ortzi]

SBP.js

This file has been shared with you on pixeldrain

pixeldrain.com

my config that blocks more categories ( compromised sites, placeholders,suspicious,spam ) over just malicious, pishing that symantec does by default


btw another great extension is Serious Discussion - [Extension]Checkpoint harmony web protection wich uses ai for pishing detection as well but checkpoint ai is much more advaced

 

[Artificial intelligence]

SBP.js

This file has been shared with you on pixeldrain

pixeldrain.com

my config that blocks more categories ( compromised sites, placeholders,suspicious,spam ) over just malicious, pishing that symantec does by default


btw another great extension is Serious Discussion - [Extension]Checkpoint harmony web protection wich uses ai for pishing detection as well but checkpoint ai is much more advaced

testing...
-----------------------Update-------------------
Not working for me