// tool reference · Monitoring & Detection
AI Network Traffic Analyzer Pro
Paste connection logs to detect C2 beaconing, port scans, risky-port use, and possible exfiltration.
Open AI Network Traffic Analyzer →
What it does
Analyses connection summaries and flow records for beaconing, exfiltration shapes and anomalous destinations — the patterns that are invisible in a single connection and obvious across many.
When to use it
- You suspect C2 beaconing and need the interval regularity quantified.
- You want to spot a slow exfiltration that never trips a volume alert.
Inputs
Field names are the actual form parameters, verified against source.
| Field | Type | Required | Notes |
|---|---|---|---|
| conn_raw | textarea | required | Connection log / flow summary (Zeek conn.log, netflow summary, firewall accept log). |
What you get back
Flagged destinations with the behavioural reason, plus what to check next.
How it works
Deterministic interval and volume statistics, then AI interpretation.
Limits
Read live from the platform configuration.
| Rate limit | 4 requests / 10 minutes |
Privacy
Sent to the AI provider for analysis; not retained by the platform.
Standards
MITRE ATT&CK (T1071, T1041)
Related tools
Suspicious Pattern Analyzer
AI-assisted scoring of logs and payloads for suspicious, signature-less patterns.
Log Analyzer
Paste logs to detect brute-force, privilege escalation and malware indicators with MITRE mapping.
AI Detection-Engineering Studio
Turn a threat description or log sample into a Sigma detection rule, a SIEM query, false-positive tuning, and test cases.