Hi I Am DotX
A live network monitor that heuristically shows devices on your LAN, tries to infer device names/models, and lists websites/apps each device appears to be contacting (from DNS, HTTP Host, TLS SNI).
Filename used in examples: live_monitor.py
Important legal & privacy note: Use this only on networks you own or where you have explicit permission to monitor. Packet sniffing and monitoring other people's traffic without consent may be illegal.
Run as admin (Windows) or root (Linux/Mac): py live_monitor_with_apps.py --iface "Network Name" --interval 3 --verbose --vendor-api Steps To See Network Name Use py -m scapy Use show_interfaces()
- Passive sniffing of traffic on a chosen interface.
- Per-device stats: bytes sent/received, packet counts, protocols and top ports.
- Heuristic device identification using:
- DHCP hostname (option 12),
- mDNS responses,
- NetBIOS (NBNS) name hints,
- OUI/MAC vendor lookup (local cache + optional API).
- Per-device inferred websites/apps based on:
- DNS queries/responses,
- HTTP
Host:header, - TLS ClientHello SNI extraction (ClientHello parser).
- ARP/DHCP based IP?MAC mapping to attribute observations to devices.
- Small local OUI cache (
oui_cache.json) for vendor lookups. - Verbose debug mode for occasional packet-level printouts.
- Python 3.8+ (Windows: install from https://www.python.org and check "Add Python to PATH").
- Python packages:
py -m pip install scapy requests