DEV Community

joshua be
joshua be

Posted on

Title: I built a AI Network Monitor to track where my data is actually going 🚀

#networking #python #security #showdev

Have you ever wondered what’s happening in the background of your computer? I wanted a lightweight way to see my active network connections without installing heavy third-party software—so I built my own tool in Python. This started after an interview with this AI on this site, my antivirus was getting alerted but I thought this was normal but then random windows started to pop up. And the interview ended way too fast.

What it does:

Real-time Monitoring: It scans active network connections and identifies the processes behind them.

Private IP Lookups: I integrated the ipapi.co API over HTTPS to identify the owners/organizations of external IP addresses.

Smart Logging: It keeps a clean history and flags specific connections into a local CSV file for later review.
Enter fullscreen mode Exit fullscreen mode

The Tech Stack:

Python: The core logic.

Psutil: For grabbing system-level network information.

Requests: To handle the API with virutotal initially and then Mistral the LLM.  You put your own APIs
Enter fullscreen mode Exit fullscreen mode

This project was a great lesson in handling network data and managing Git workflows (including a few "fun" battles with merge conflicts along the way!).

Check out the repository here:

GitHub logo Thepost-coder / Network-Monitor-

A network monitor using LLM to enhance safety

🔒 Network Monitor with AI Analysis

A lightweight Python tool that monitors all network connections on your Windows PC in real time, checks them against VirusTotal, and uses Mistral AI to explain anything suspicious — in plain English.

💡 How It Started

This tool was born out of a simple question — "After a job interview with screen sharing, weird new windows keep popping up, pictures of your face taken, how do you know my PC is safe?"

Looking at network connections with tools like GlassWire raised more questions than answers. Unknown domains, raw IP addresses, weird process names — with no easy way to know what was safe and what wasn't.

So this tool was built to do exactly that — monitor, filter, check, and explain — automatically.

✨ Features

  • Real time monitoring — scans all active network connections every 5 seconds
  • Domain whitelist — known safe domains like…


View on GitHub

I'm looking to add more features soon. If you have ideas for what I should track next, let me know in the comments!

Top comments (0)