Enterprise-Grade Network Surveillance Dashboard with AI-Powered Security Analysis
Powered by /REI — Rootcastle Engineering & Innovation
Rootcastle Network Monitor is a comprehensive UWP (Universal Windows Platform) network monitoring and security analysis application that combines real-time traffic telemetry, host discovery, port scanning, and an AI-powered security analyst (SOFIA) in a single operator-friendly dashboard.
Built with a distinctive Matrix-themed UI, it provides network administrators, security professionals, and IT operators with powerful visibility into network activity, potential threats, and performance metrics.
- Interface Selection: Automatic detection of all active network interfaces
- Real-time Throughput: Live IN/OUT bandwidth monitoring with visual graphs
- Traffic Visualization: Animated topology view showing data flow direction
- Uptime Tracking: Session duration and connection stability monitoring
- Protocol Distribution: TCP/UDP/ICMP/Other packet breakdown with live counters
- Bandwidth Usage: Percentage-based utilization display
- Traffic History: 60-point rolling graph visualization
- Top Talkers: Identification of highest traffic-generating hosts
- Application Breakdown: Traffic categorization by service/port
- Conversation Tracking: Host-to-host communication monitoring
- Multiple Scan Types:
- Quick Scan (common ports)
- Full Scan (1-1024)
- Stealth Scan
- UDP Scan
- Service Detection
- OS Detection
- Vulnerability Scan
- Network Discovery: /24 subnet auto-discovery
- Custom Port Ranges: Flexible port specification (e.g.,
22,80,443or1-1000) - CIDR Support: Scan entire subnets with
/24notation - Host Detection: Ping-based and TCP connect scanning
- OS Fingerprinting: TTL-based operating system detection
- Live Packet Log: Real-time packet capture display
- Connection Tracking: Active connection list with protocol/endpoint info
- Packet Details: Expandable view for individual packet inspection
- Recording Mode: Capture sessions for later analysis
- Filter Support: Protocol-based and custom expression filtering
- Suspicious Traffic Detection: Configurable heuristics for anomaly detection
- Port Scan Detection: Identification of scanning behavior patterns
- DoS/DDoS Indicators: Burst traffic pattern recognition
- TLS/PKI Analysis:
- TLS 1.3 / TLS 1.2 / Weak TLS counters
- Certificate monitoring
- DNS Security Insights:
- Query counting
- NXDOMAIN tracking
- DNS tunneling heuristics
- Zero-Trust Visibility: Identity/Resource/Access event logging
- Real-time Alerts: Configurable alert thresholds with notification feed
- Natural Language Queries: Ask questions about your network in plain language
- Multi-Language Support: Turkish, English, German, French, Spanish, Japanese, Chinese
- AI Model Selection: Choose from multiple LLM providers:
- LLaMA 3.2 3B (Free)
- LLaMA 3.1 8B (Free)
- Mistral 7B (Free)
- Gemma 2 9B (Free)
- Qwen 2.5 7B (Free)
- DeepSeek V3 (Paid)
- GPT-4o Mini (Paid)
- Claude 3.5 Haiku (Paid)
- Quick Analysis Actions:
- 📊 Traffic Analysis
- 🛡️ Security Scan
- 🔥 Firewall Recommendations
- 📝 Executive Summary
- 🎯 Anomaly Detection
- 📈 Performance Analysis
- 🔍 Top Talkers Report
⚠️ Incident Response
- Latency Monitoring: Real-time ping latency tracking
- Jitter Calculation: Network stability measurement
- Packet Loss: Loss percentage estimation
- Throughput: Mbps-based speed calculation
- Matrix-Themed Design: Distinctive dark terminal aesthetic
- Tabbed Navigation: Monitor / Scanner / Security / AI sections
- Live Terminal Output: Real-time system event logging
- Responsive Panels: Collapsible detail views
- Auto-Scroll: Configurable log scrolling behavior
┌─────────────────────────────────────────────────────────────┐
│ Rootcastle Network Monitor │
├─────────────────────────────────────────────────────────────┤
│ ┌─────────────┐ ┌─────────────┐ ┌─────────────────────┐ │
│ │ UI Layer │ │ AI Engine │ │ Network Engine │ │
│ │ (XAML/UWP) │ │ (SOFIA) │ │ (System.Net) │ │
│ └──────┬──────┘ └──────┬──────┘ └──────────┬──────────┘ │
│ │ │ │ │
│ ┌──────┴────────────────┴─────────────────────┴──────────┐│
│ │ Core Services ││
│ │ • Traffic Monitor • Packet Capture ││
│ │ • Port Scanner • Threat Detection ││
│ │ • QoS Metrics • Alert Management ││
│ └────────────────────────────────────────────────────────┘│
├─────────────────────────────────────────────────────────────┤
│ External APIs: OpenRouter (AI) • ipify.org (WAN IP) │
└─────────────────────────────────────────────────────────────┘
| Component | Technology |
|---|---|
| Platform | Universal Windows Platform (UWP) |
| Language | VB.NET |
| UI Framework | XAML |
| Network APIs | System.Net.NetworkInformation, System.Net.Sockets |
| HTTP Client | Windows.Web.Http |
| JSON Processing | Windows.Data.Json |
| AI Integration | OpenRouter API |
App1/
├── App.xaml # Application resources and startup
├── App.xaml.vb # Application code-behind
├── MainPage.xaml # Main UI layout (Matrix-themed dashboard)
├── MainPage.xaml.vb # Core application logic
│ ├── Initialization # App startup and timer setup
│ ├── Interface Selection # Network adapter management
│ ├── Monitoring # Real-time traffic capture
│ ├── UI Display # Graph and topology rendering
│ ├── Packet Capture # Connection tracking
│ ├── Security & Alerts # Threat detection logic
│ ├── QoS Metrics # Performance measurements
│ ├── SOFIA AI # OpenRouter integration
│ └── NMAP Scanner # Port scanning engine
├── Models.vb # Data models
│ ├── ConnectionInfo # Packet/connection data
│ ├── NmapHostResult # Scan results
│ ├── CertInfo # TLS certificate data
│ ├── AssetInfo # Network asset inventory
│ ├── ConversationInfo # Host communication tracking
│ ├── ZeroTrustEvent # Security events
│ └── PacketLogEntry # Log entries
└── Assets/ # Application icons and images
- Operating System: Windows 10 (Build 17763) or Windows 11
- Development: Visual Studio 2019/2022 with UWP workload
- Runtime: .NET Native / .NET 5+
-
Clone the repository
git clone https://github.com/rootcastleco/-REI-network-analyzer.git cd -REI-network-analyzer -
Open in Visual Studio
- Open
App1.sln - Select
Debug|x86orx64 - Set startup project to
App1
- Open
-
Build and Deploy
- Press
F5or selectDebug > Start Debugging - Deploy to
Local Machine
- Press
- Visit https://openrouter.ai
- Create a free account
- Generate an API key
- In the app, go to Settings (⚙️)
- Enter your API key (format:
sk-or-v1-...)
- Select a network interface from the dropdown
- Click ▶ START to begin monitoring
- View real-time traffic in the topology and graph panels
- Navigate to 🔍 SCANNER tab
- Enter target IP or range (e.g.,
192.168.1.0/24) - Select scan type
- Click 🔍 SCAN or 🌐 DISCOVER
- Navigate to 🧠 SOFIA AI tab
- Select preferred AI model and language
- Use quick action buttons or type a custom query
- Review AI-generated analysis and recommendations
This software is intended for authorized network monitoring, security testing, and educational purposes only.
- Only scan networks you own or have explicit permission to test
- Unauthorized network scanning may violate local laws
- The developers are not responsible for misuse of this tool
- ✅ Monitoring your home/office network
- ✅ Security auditing with proper authorization
- ✅ Network troubleshooting and diagnostics
- ✅ Educational and learning purposes
- ❌ Scanning third-party networks without permission
- ❌ Malicious reconnaissance or attacks
╔══════════════════════════════════════════════════════════════════╗
║ INTELLECTUAL PROPERTY NOTICE ║
╠══════════════════════════════════════════════════════════════════╣
║ ║
║ Rootcastle Network Monitor v6.0 ║
║ Copyright © 2024-2025 Rootcastle Engineering & Innovation ║
║ ║
║ All rights reserved. ║
║ ║
║ This software, including but not limited to its source code, ║
║ design, architecture, user interface, documentation, and all ║
║ associated intellectual property, is the exclusive property ║
║ of Rootcastle Engineering & Innovation. ║
║ ║
║ Unauthorized copying, modification, distribution, or use of ║
║ this software, in whole or in part, is strictly prohibited ║
║ without prior written consent from the copyright holder. ║
║ ║
║ SOFIA AI Engine and the Matrix-themed UI design are ║
║ proprietary components of this software. ║
║ ║
╚══════════════════════════════════════════════════════════════════╝
|
Multidisciplinary Software & Systems Engineer Founder and Lead Engineer at Rootcastle Engineering & Innovation With extensive hands-on experience in:
|
Rootcastle Engineering & Innovation is a technology-driven engineering company focused on building secure, mission-critical software systems. The company develops:
- 🔐 Advanced Cybersecurity Platforms — Threat detection, network monitoring, and security analysis tools
- 🌐 Secure IoT Infrastructures — Hardened communication systems for connected devices
- 🛡️ Defense-Oriented Software Solutions — Applications designed for high-reliability environments
"Where resilience, integrity, and data protection are non-negotiable."
Under the leadership of Batuhan Ayrıbaş, Rootcastle combines deep software engineering expertise with cybersecurity and defense principles. The company designs and implements:
- ✅ Secure architectures with zero-trust principles
- ✅ Hardened communication systems
- ✅ Defense-grade applications prioritizing threat prevention
- ✅ Systems built for operational continuity and long-term trust
- 🏢 Organization: Rootcastle Engineering & Innovation
- 📧 Email: Contact via GitHub
- 🔗 Repository: github.com/rootcastleco/Rootcastle-Network-Monitor
| Version | Date | Changes |
|---|---|---|
| 6.0 | 2025 | SOFIA AI integration, Multi-language support, Enhanced scanner |
| 5.0 | 2024 | NMAP-style scanner, Threat detection, Matrix UI |
| 4.0 | 2024 | Packet capture, QoS metrics |
| 3.0 | 2024 | Traffic visualization, Topology view |
| 2.0 | 2024 | Basic monitoring features |
| 1.0 | 2024 | Initial release |
- OpenRouter for AI model access
- Microsoft for the UWP platform
- The open-source community for inspiration
Rootcastle Network Monitor
Built with precision. Designed for professionals.
