Real-Time Network Forensic Engine & Intelligent Analysis Platform
EagleEye XFlow is a real-time, AI-assisted packet and network forensic engine designed to inspect and analyze traffic across L2–L7 of the TCP/IP stack.
It empowers researchers, analysts, and engineers to capture, fingerprint, and investigate live network flows with high efficiency and minimal latency.
Built for both advanced research and practical intrusion detection, EagleEye XFlow produces structured datasets suitable for behavior analysis, anomaly detection, and performance benchmarking.
- Deep Protocol Inspection (L2–L7): Extracts detailed fields, headers, and metadata across multiple protocols.
- Flow Fingerprinting & Statistics: Captures 70+ attributes per flow with bidirectional tracking and precise temporal analysis.
- Cryptographic Forensics: Entropy-based inspection for encrypted/obfuscated traffic, including packet/byte statistics over time.
- Real-Time Performance: Optimized for low-latency processing with 15–50 ms per flow.
- AI-Powered Insights: Integrated with Ollama 3.2:1B for real-time interactive queries and research-driven exploration.
- Structured Dataset Generation: Exports packet/flow metadata for downstream tasks like IDS, anomaly detection, and protocol research.
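The two building blocks behind the "entropy-based inspection" and "bidirectional tracking" features above, as an added illustration in the project's language (this is not EagleEye XFlow's own code; the 7.0 bits/byte threshold and the 64-byte minimum are assumptions to tune on your own traffic):

```cpp
// Added example, not part of EagleEye XFlow: Shannon entropy per payload and a
// direction-independent flow key, so A->B and B->A packets share one record.
#include <array>
#include <cmath>
#include <cstdint>
#include <string>
#include <tuple>
#include <utility>
#include <vector>

// Shannon entropy in bits per byte (0.0 .. 8.0). Encrypted or compressed
// payloads sit close to 8; plaintext protocols usually fall well below 6.
double shannon_entropy(const std::vector<uint8_t>& payload) {
    if (payload.empty()) return 0.0;
    std::array<size_t, 256> counts{};
    for (uint8_t b : payload) ++counts[b];
    const double n = static_cast<double>(payload.size());
    double h = 0.0;
    for (size_t c : counts) {
        if (c == 0) continue;
        const double p = c / n;
        h -= p * std::log2(p);
    }
    return h;
}

// Assumed threshold: flag only payloads long enough for entropy to be meaningful.
bool looks_encrypted(const std::vector<uint8_t>& payload, double threshold = 7.0) {
    return payload.size() >= 64 && shannon_entropy(payload) >= threshold;
}

// Canonical 5-tuple: endpoints ordered by (ip, port) so direction does not matter.
struct FlowKey {
    std::string a_ip, b_ip;
    uint16_t a_port, b_port;
    uint8_t proto;
    bool operator==(const FlowKey& o) const {
        return std::tie(a_ip, b_ip, a_port, b_port, proto) ==
               std::tie(o.a_ip, o.b_ip, o.a_port, o.b_port, o.proto);
    }
};

FlowKey make_flow_key(std::string src_ip, uint16_t src_port,
                      std::string dst_ip, uint16_t dst_port, uint8_t proto) {
    if (std::tie(src_ip, src_port) > std::tie(dst_ip, dst_port)) {
        std::swap(src_ip, dst_ip);
        std::swap(src_port, dst_port);
    }
    return FlowKey{src_ip, dst_ip, src_port, dst_port, proto};
}
```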
- Language: C++
- Packet Capture: libpcap / WinPcap
- Protocols Supported: IPv4, IPv6, TCP, UDP, ICMPv6, ICMP, IGMP, ARP, HTTP, TLS, QUIC, SMTP, POP, and more
- AI Integration: Ollama 3.2:1B (local deployment)
- Combines classic network forensics with modern AI-driven insights
- Bridges the gap between raw packet data and meaningful behavioral intelligence
- Flexible enough for research experiments, performance studies, and real-world security monitoring
Harshvardhan
Computer Science | IoT & Network Systems | Innovation & Applied Fundamentals