file_02 · POCKET-ANALYST
Nullify
● BUILT AT IQOO HACKATHON 2026
A multi-agent mobile security analyst that shields students from phishing, scams, and social engineering — in real time.
problem
Students are among the most targeted groups online — fake internship offers demanding fees, phishing links disguised as bank or university portals, UPI scams over WhatsApp and SMS. Most students can feel when a message is off; nothing on their phone explains why. Nullify puts a security analyst in their pocket.
architecture
approach
- 01 Designed a multi-agent architecture: a FastAPI router agent classifies incoming input (message, link, screenshot via on-device OCR) and dispatches it to one of four specialist agents — URL scanner, scam-message analyzer, internship verifier, and social-engineering detector.
- 02 The URL scanner is a genuinely trained ML pipeline, not an LLM wrapper: a Random Forest of 100+ trees trained on PhishTank, OpenPhish, and Kaggle data, fed by a 7-stage pipeline — URL normalization, WHOIS/DNS/SSL and entropy analysis, page-content extraction, headless-browser redirect tracing, and 20–30 engineered features.
- 03 Every verdict returns a 0–100 risk score with a plain-English breakdown of what makes the input dangerous and what to do next — including direct routes to the National Cyber Crime Reporting Portal.
stack
Python FastAPI scikit-learn Selenium BeautifulSoup Flutter Firebase LLM APIs
impact
- End-to-end working system built under hackathon constraints: mobile app, agent orchestration backend, and a trained detection model — each component matched to the work it is suited for.
- Turns vague suspicion into explained, actionable verdicts — naming the manipulation technique instead of just flagging it.
key learnings
- Routing between trained models and LLM agents is an architecture decision: use ML where labeled data exists, LLMs where explanation and language understanding matter.
- Explainability is the product — a risk score without a why does not change user behavior.