GitHub Repository

Wiredigg is a comprehensive network analysis tool with advanced security features designed for network administrators, security professionals, and IT enthusiasts. It provides real-time packet capture, protocol analysis, anomaly detection, and threat identification capabilities in a modern, user-friendly interface.

15 stars · Python

Wiredigg – Real-Time Network Analysis with ML and Ollama Support

by justvugg·Feb 21, 2026·1 point·0 comments

AI Analysis

Mid · Ship It

Local network sniffer with Ollama anomaly validation; competes with Suricata, Zeek.

Strengths
  • Ollama integration runs threat analysis offline without cloud dependencies
  • ML anomaly detection with user feedback loop shows iterative refinement thinking
  • Windows executable build lowers barrier vs. Linux-only tools like Zeek
Weaknesses
  • Feature list (15+ capabilities) dilutes focus; no evidence of real-world detection accuracy
  • Unclear how it handles encrypted traffic or HTTPS inspection vs. Suricata/Zeek—established tools dominate here
Target Audience

Network administrators, security researchers, IT professionals

Similar To

Suricata · Zeek · Wireshark + manual ML scripts

Post Description

I built Wiredigg, an open-source network traffic analysis and security tool written in Python. It combines real-time packet capture, protocol inspection, machine learning-based anomaly detection, and local LLM analysis via Ollama.

The goal is to provide interactive network visibility with AI-assisted threat interpretation, while remaining local-first and easy to run. A Windows executable build is also available.

Repo: https://github.com/JustVugg/Wiredigg

What it does

Real-time packet capture
  • Live traffic sniffing
  • Protocol analysis (TCP, UDP, ICMP, HTTP, etc.)
  • Filtering by IP, port, and protocol
  • Promiscuous mode support

Machine learning anomaly detection
  • Detection of unusual traffic patterns
  • Threat classification with severity levels
  • False-positive marking and incremental retraining
  • User-assisted model refinement

Ollama integration (local LLM)
  • Sends flagged anomalies to a locally running model via Ollama
  • Generates contextual, human-readable explanations
  • Adds reasoning on top of statistical detections
  • Fully offline if Ollama is local

Threat intelligence & dashboards
  • Malicious IP/domain checks
  • Interactive tables and traffic statistics
  • Graph-based visualizations
  • Exportable reports (HTML, JSON, text)

IoT & device analysis
  • Device identification and classification
  • Behavioral pattern analysis
  • Risk evaluation based on traffic activity

Custom packet tools
  • Manual packet crafting for testing
  • Control over IP, port, protocol, and payload

Running it

From source:

git clone https://github.com/JustVugg/Wiredigg
cd Wiredigg
pip install -r requirements.txt
python wiredigg.py

Administrator/root privileges are required for packet capture.

Alternatively, you can use the provided Windows .exe build.

Why I built it

Many packet analyzers are either:
  • CLI-heavy and technical
  • Or large enterprise systems

I wanted something:
  • Visual
  • AI-augmented
  • Local-first
  • Extensible in Python
  • Usable for labs, small networks, and learning

Happy to get feedback, especially on the ML and Ollama integration approach.
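The post describes a pipeline of statistical anomaly detection, user false-positive marking with incremental retraining, and handing flagged anomalies to a local Ollama model for explanation. As an added example, not Wiredigg's own code (the project's actual detector, feature set and prompt are not shown on this page), the following sketches that loop end to end in Python: per-host flow features, a nearest-neighbour detector in robustly scaled feature space, a "mark as false positive" step that adds the host to the training set and refits, and the JSON body an Ollama explanation request would carry. The feature names, thresholds, severity bands, training rows, sample flows and the model name `llama3` are all assumptions; the flows are constructed, not captured. The `/api/generate` endpoint with `model`, `prompt` and `stream` fields is Ollama's documented API, and the network call is kept in a separate function so everything else runs offline.

```python
"""Added example (not Wiredigg's code): anomaly detection with a false-positive
feedback loop and an Ollama explanation request. Features, thresholds and the
sample data below are assumptions constructed for illustration."""
import json
import statistics
import urllib.request
from collections import defaultdict

FEATURES = ("flows", "distinct_dports", "distinct_dsts", "bytes")
MAD_SCALE = 1.4826  # scales the median absolute deviation to a std-dev-like unit


def host_features(flows):
    """Aggregate (src, dst, dport, proto, bytes) tuples into per-source features."""
    acc = defaultdict(lambda: {"flows": 0, "dports": set(), "dsts": set(), "bytes": 0})
    for src, dst, dport, _proto, nbytes in flows:
        a = acc[src]
        a["flows"] += 1
        a["dports"].add(dport)
        a["dsts"].add(dst)
        a["bytes"] += nbytes
    return {src: {"flows": a["flows"], "distinct_dports": len(a["dports"]),
                  "distinct_dsts": len(a["dsts"]), "bytes": a["bytes"]}
            for src, a in acc.items()}


def severity(score):
    """Assumed severity bands on the anomaly score."""
    return "high" if score >= 12 else "medium" if score >= 8 else "low"


class AnomalyDetector:
    """Score = distance to the nearest known-normal host in robustly scaled feature
    space. 'Retraining' after user feedback is appending that host's feature row and
    recomputing the per-feature scale, which is cheap enough to do on every click."""

    def __init__(self, training_rows, threshold=4.0):
        self.rows = list(training_rows)
        self.threshold = threshold
        self._fit()

    def _fit(self):
        self.spread = {}
        for f in FEATURES:
            vals = [r[f] for r in self.rows]
            med = statistics.median(vals)
            mad = statistics.median(abs(v - med) for v in vals)
            self.spread[f] = max(MAD_SCALE * mad, 1.0)  # floor avoids division by ~0

    def score(self, x):
        return min(max(abs(x[f] - r[f]) / self.spread[f] for f in FEATURES)
                   for r in self.rows)

    def scan(self, flows):
        alerts = []
        for host, feats in host_features(flows).items():
            s = self.score(feats)
            if s >= self.threshold:
                alerts.append({"host": host, "score": round(s, 2),
                               "severity": severity(s), "features": feats})
        return alerts

    def mark_false_positive(self, alert):
        """User says this alert is benign: learn the host as normal and refit."""
        self.rows.append(alert["features"])
        self._fit()


def ollama_request(alert, model="llama3"):
    """Body for POST /api/generate; the model name is an assumption."""
    prompt = ("A host on a small network was flagged by a statistical detector.\n"
              f"Host: {alert['host']}\nAnomaly score: {alert['score']} ({alert['severity']})\n"
              f"Per-host features: {json.dumps(alert['features'])}\n"
              "In three sentences, say what traffic pattern this suggests and what to check next.")
    return {"model": model, "prompt": prompt, "stream": False}


def explain_with_ollama(alert, url="http://localhost:11434/api/generate", model="llama3"):
    """Network call to a local Ollama; not exercised offline."""
    body = json.dumps(ollama_request(alert, model)).encode()
    req = urllib.request.Request(url, data=body, headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=120) as resp:
        return json.load(resp)["response"]


# Constructed known-normal hosts (feature rows) used as the initial training set.
TRAINING_ROWS = [
    {"flows": 12, "distinct_dports": 3, "distinct_dsts": 4, "bytes": 50000},
    {"flows": 8, "distinct_dports": 2, "distinct_dsts": 3, "bytes": 30000},
    {"flows": 15, "distinct_dports": 4, "distinct_dsts": 5, "bytes": 80000},
    {"flows": 10, "distinct_dports": 3, "distinct_dsts": 3, "bytes": 40000},
    {"flows": 9, "distinct_dports": 2, "distinct_dsts": 2, "bytes": 20000},
]

# Constructed flow records (src, dst, dport, proto, bytes), not a real capture.
SAMPLE_FLOWS = [
    ("10.0.0.5", "93.184.216.34", 443, "tcp", 4200),
    ("10.0.0.5", "93.184.216.34", 443, "tcp", 3900),
    ("10.0.0.7", "10.0.0.1", 53, "udp", 120),
    ("10.0.0.7", "10.0.0.1", 53, "udp", 98),
    ("10.0.0.9", "10.0.0.1", 53, "udp", 110),
    ("10.0.0.77", "10.0.0.2", 445, "tcp", 600000),  # nightly backup: big but benign
    *[("10.0.0.42", "10.0.0.1", p, "tcp", 60) for p in range(20, 45)],  # port sweep
]


def demo():
    """First scan flags the sweep and the backup host; after the user marks the backup
    as a false positive and the detector refits, only the sweep remains flagged."""
    det = AnomalyDetector(TRAINING_ROWS)
    first = det.scan(SAMPLE_FLOWS)
    det.mark_false_positive(next(a for a in first if a["host"] == "10.0.0.77"))
    second = det.scan(SAMPLE_FLOWS)
    return first, second


if __name__ == "__main__":
    first, second = demo()
    print("before feedback:", [(a["host"], a["severity"]) for a in first])
    print("after feedback:", [(a["host"], a["severity"]) for a in second])
    print(json.dumps(ollama_request(second[0]), indent=2))
```

The design choice worth noting is that feedback changes the model, not just a suppression list: the marked host becomes a training row, so other hosts with a similar profile stop alerting too, while the port sweep stays far from every known-normal row and keeps its high severity. The LLM only sees the already-scored alert, which keeps the statistical decision auditable and the model's role limited to explanation.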

Similar Projects

AI/ML · Solid

Experience-engine – reflection-based memory layer for local LLMs

Turns chat history into structured 'belief' and 'cognitive pattern' blocks you can inject into prompts, with simple APIs like run_reflection and run_synthesis that read like a research prototype. It's smart about separating V1 (domain beliefs) from V2 (transferable cognitive patterns), but it's clearly early-stage — tiny repo, Ollama-only workflow, and few commits mean you should treat it as an experimental MVP rather than a drop-in production memory system.

Big Brain · Niche Gem · Ship It
ashishluthara
313mo ago
AI/ML · Solid

Valohai LLM – Track and compare LLM evaluation results in one dashboard

Streams evals from a tiny Python client into a shared dashboard and lets you run parameter sweeps and compare up to six configurations with radar/bar charts and scorecards — exactly the sort of tooling that stops results getting lost in notebooks. Useful, pragmatic product for teams who repeatedly evaluate models, but it's competing with general observability/experiment trackers (W&B, Neptune) and will need strong integrations and metric flexibility to stand out.

Niche Gem · Solve My Problem
radicain
303mo ago