The Problem
Network anomalies - unusual traffic patterns, unauthorized connections, data exfiltration - are among the hardest threats to detect without visibility into live packet flow. Security analysts need tools that capture and display traffic in real time.
My Approach
I built SniffNet as a Python-based packet sniffer with a Tkinter GUI, designed for practical network monitoring and security analysis.
- Packet capture: Scapy library for low-level network frame interception
- Real-time display: Tkinter GUI showing source/destination IPs, protocols, and payload metadata
- Performance: Optimized capture loop handling up to 55 packets/sec with sub-second latency
- Filtering: Protocol-based filtering to focus on HTTP, TCP, UDP, and ICMP traffic
Security Relevance
This project demonstrates skills directly applicable to vulnerability assessment work and network security analysis from my Oasis Infobyte and Edunet Foundation internships:
- Identifying anomalous traffic patterns (SIEM-aligned thinking)
- Understanding network protocols at the packet level
- Building monitoring tools that complement vulnerability analysis workflows
- Hands-on experience with the same concepts Wireshark and IDS systems use
Tech Stack
Results
- Captured up to 55 packets/sec with <1s latency
- Functional GUI for real-time traffic inspection
- Open-source on GitHub - demonstrates security tooling ability beyond web apps
What I Learned
Understanding traffic at the packet level makes me a better full-stack developer. When I build APIs and ship products at Phoenix Solutions and MyNest, I know what normal vs. suspicious network behavior looks like - and I can communicate findings clearly to teams.