Oni-Nineiota/network-anomaly-detector — reverse-engineered prompt
Reverse engineered prompt
Build me a small Python web app that can analyze Zeek conn.log style network logs in real time and flag suspicious behavior without using machine learning. I want it to catch brute force attempts, regular and slow port scans, traffic spikes that look like DDoS, and possible data exfiltration. Please include a simple dark terminal style dashboard where I can upload logs or try sample ones, see live charts, a threat score out of 100, severity, MITRE ATT&CK tags, and whether any IP matches a local known bad IP list.
I’d also like downloadable CSV and JSON incident reports, plus sample scenarios for brute force, scans, DDoS, exfiltration, combined attacks, and normal traffic so I can test it fast. Make the log parser flexible enough for common Zeek TSV formats and JSON, keep it easy to run locally and in Docker, and make sure the included tests pass. Look up current docs online if you need to.
Want more depth? Deep Reverse