How can we help?

HijackShield supports all Chromium-based browsers including Google Chrome, Microsoft Edge, Brave, and Opera, as well as Mozilla Firefox. The extension uses the Manifest V3 (MV3) standard for Chromium browsers.

HijackShield currently supports Windows and macOS. The browser extension works on any supported browser, and the Go agent runs as a local service on both operating systems. iPhone and Android support is coming soon.

No. Detection and scoring run entirely on your device with no cloud dependency. The browser extension and local Go agent work offline, on VPN, and behind firewalls. An internet connection is only needed for the optional Sentinel SIEM integration to forward detection events to your Azure tenant.

No. HijackShield never sends page content, URLs, or credentials to AiTM Security servers. All detection runs locally. If your organization configures the optional Sentinel integration, detection events (not page content) are sent directly to your organization's own Azure tenant — never through AiTM Security infrastructure.

Automated phishing email remediation works with any Microsoft 365 plan, from Business Basic and up. It uses Microsoft 365 Compliance Search, which is included in all plans. You do not need Defender for Office 365 Plan 2 or an E5 license. The Azure components (Sentinel, Logic Apps, Automation) are pay-as-you-go at negligible cost for alert-driven workloads.

Remediation time depends on tenant size. In testing across 1,372 mailboxes, the full pipeline completed in approximately 8 minutes — about 2 minutes for the Sentinel NRT rule to fire, then roughly 6 minutes for the remediation workflow to search and purge across all mailboxes.

HijackShield detects every major corporate phishing technique including AiTM proxy attacks (Sneaky 2FA, Tycoon 2FA, EvilProxy, Salty 2FA, Mamba 2FA), Browser-in-the-Middle (BitM), Browser-in-Browser (BitB), device code phishing, ClickFix attacks, brand impersonation across Microsoft, Google, Okta, Meta, LinkedIn, Amazon, and Apple, credential exfiltration, government impersonation, fraudulent e-commerce, and more.

No. HijackShield provides full phishing detection and blocking without Sentinel. The Sentinel integration is an optional enterprise add-on that enables automated phishing email remediation, structured alerting, and SOC workflows. Even if you don't currently use Sentinel, you can spin up an instance specifically for HijackShield's remediation pipeline at essentially no cost.

HijackShield offers a 30-day free trial with full access to all features. No payment information is required to start. At the end of the trial, you can subscribe to continue using HijackShield or the trial access will expire.

We offer a full refund for any reason within the first 30 days of a new subscription purchase. This applies to both consumer and commercial plans. Contact billing@hijackshield.ai to request a refund.