DEV Community

joshua be
joshua be

Posted on

Title: I built a AI Network Monitor to track where my data is actually going 🚀

#networking #python #security #showdev

Have you ever wondered what’s happening in the background of your computer? I wanted a lightweight way to see my active network connections without installing heavy third-party software—so I built my own tool in Python. This started after an interview with this AI on this site, my antivirus was getting alerted but I thought this was normal but then random windows started to pop up. And the interview ended way too fast.

What it does:

Real-time Monitoring: It scans active network connections and identifies the processes behind them.

Private IP Lookups: I integrated the ipapi.co API over HTTPS to identify the owners/organizations of external IP addresses.

Smart Logging: It keeps a clean history and flags specific connections into a local CSV file for later review.
Enter fullscreen mode Exit fullscreen mode

The Tech Stack:

Python: The core logic.

Psutil: For grabbing system-level network information.

Requests: To handle the API with virutotal initially and then Mistral the LLM.  You put your own APIs
Enter fullscreen mode Exit fullscreen mode

This project was a great lesson in handling network data and managing Git workflows (including a few "fun" battles with merge conflicts along the way!).

Check out the repository here:

GitHub logo Thepost-coder / Network-Monitor-

Network Monitor, Send your active connections to a LLM and Virustotal to check for intrusion

🔒 Network Monitor with AI Analysis

A lightweight Python tool that monitors all network connections on your Windows PC in real time, checks them against VirusTotal, and uses Mistral AI to explain anything suspicious — in plain English.

💡 How It Started

This tool was born out of a simple question — "After a job interview with screen sharing, and weird new windoes keep popping up, pictures of your face taken, how do I know my PC is safe?"

Looking at network connections with tools like GlassWire raised more questions than answers. Unknown domains, raw IP addresses, weird process names — with no easy way to know what was safe and what wasn't.

So this tool was built to do exactly that — monitor, filter, check, and explain — automatically.

✨ Features

  • Real time monitoring — scans all active network connections every 5 seconds
  • Domain whitelist — known safe domains…


View on GitHub


I'm looking to add more features soon. If you have ideas for what I should track next, let me know in the comments!

Top comments (0)