Enhancement/web UI

README.md

@@ -2,154 +2,19 @@
 
 Intrusion Monitoring & Defense for Linux Servers
 
-Monix is an open-source host-level security tool that provides real-time threat monitoring, connection intelligence, and behavior-based attack detection for modern Linux servers.
+Monix is an open-source security tool that provides real-time threat monitoring, connection intelligence, and behavior-based attack detection.
 
-## Products
+## About This Repository
 
-Monix consists of **2 separate products**:
+This repository contains **monix-core** - the core security logic and analysis engine that powers the Monix ecosystem. It includes CLI tools for server monitoring and a comprehensive web application for URL security analysis.
 
-### 1. monix-linux 
+**Primary Product:** [monix-web](./web) - A modern web application for comprehensive URL security scanning, SSL validation, DNS analysis, and threat detection. Built with Next.js and powered by monix-core's security engine.
 
-A CLI tool for Linux server security monitoring and intrusion detection.
+**CLI Tools:** This repository also includes command-line tools for Linux server monitoring and intrusion detection. These tools leverage the same monix-core logic that powers monix-web.
 
-**Features:**
-- Real-time connection monitoring
-- Threat detection (SYN floods, port scans, high connection counts)
-- GeoIP intelligence
-- Process tracking
-- Security scanning
-- Terminal-based dashboard (`--watch`)
-- Clean CLI interface
+For more details about the architecture and technical implementation, visit: [dineshkorukonda.in/blog](https://dineshkorukonda.in/blogs)
 
-### 2. monix-web
-
-A separate, independently deployed Next.js web application for web security analysis.
-
-**Features:**
-- URL security scanning
-- SSL certificate validation
-- DNS record analysis
-- Security headers assessment
-- Port scanning
-- Technology stack detection
-- Geographic intelligence
-
-**Note:** monix-web uses monix-core (shared from this repository) but is deployed as a separate product. It is NOT part of this CLI tool.
-
-## Features
-
-This repository (monix-linux) provides:
-- Real-time connection monitoring
-- Threat detection (SYN floods, port scans, high connection counts)
-- GeoIP intelligence
-- Process tracking
-- Security scanning
-- Clean CLI interface
-- Live terminal dashboard (`--watch`)
-
-## Quick Start
-
-```bash
-# Clone the repo
-git clone https://github.com/dinexh/monix.git
-cd monix
-
-# Create virtual environment
-python3 -m venv .venv
-source .venv/bin/activate
-
-# Install
-pip install -e .
-```
-
-## Usage
-
-```bash
-# Quick system snapshot
-monix --monitor
-
-# One-line health check
-monix --status
-
-# Live security dashboard
-monix --watch
-
-# List connections
-monix --connections
-
-# Show alerts
-monix --alerts
-
-# Security scan
-monix --scan
-monix scan --deep
-```
-
-
-## Commands
-
-| Command | Description |
-|---------|-------------|
-| `--monitor` / `-m` | Quick system snapshot |
-| `--status` / `-s` | One-line health check |
-| `--watch` / `-w` | Live security dashboard |
-| `--connections` / `-c` | List active connections |
-| `--alerts` / `-a` | Show security alerts |
-| `--scan` | Security scan |
-
-## Options
-
-```bash
-# JSON output
-monix --monitor --json
-
-# Filter connections by state
-monix connections --state ESTABLISHED
-monix connections --state LISTEN --limit 50
-
-# Custom refresh interval
-monix watch --refresh 5
-
-# Deep security scan
-monix scan --deep
-```
-
-## Example Output
-
-```
-[2025-12-28 00:15:01] INFO: Initializing connection collector...
-[2025-12-28 00:15:02] INFO: Threat detection engine active.
-[2025-12-28 00:15:02] INFO: Live TCP connections: 24 | Established: 18 | Listening: 6
-[2025-12-28 00:15:02] INFO: Top processes: nginx(12), node(6), sshd(4)
-[2025-12-28 00:15:02] INFO: Status: SECURE | Host: my-server
-```
-
-## Security Checks
-
-The `scan --deep` command performs:
-
-| Check | Description |
-|-------|-------------|
-| SSL Certificate | Full validation, expiry, and issuer details |
-| DNS Records | A, AAAA, MX, NS, TXT record analysis |
-| Security Headers | HSTS, CSP, X-Frame-Options scoring |
-| Port Scanning | Common service discovery (HTTP, SSH, DB) |
-| Technology Stack | Server, CMS, and Framework detection |
-| Geographic Info | Precise server location and provider mapping |
-| SSH Port | Warns if SSH runs on default port 22 |
-| Dangerous Ports | Detects FTP, Telnet, SMB, RDP, VNC |
-| Listening Count | Warns if too many ports are open |
-| External Access | Checks for external DB connections |
-| Suspicious Outbound | Detects connections to backdoor ports |
-
-## Requirements
-
-- Python 3.8+
-- Linux (primary) / macOS (limited support)
-- Root/sudo for full process visibility
 
 ## License
 
-MIT License
-
-- Developed by dineshkorukonda.in
+MIT License - Developed by [dineshkorukonda.in](https://dineshkorukonda.in)

web/.gitignore

@@ -28,6 +28,11 @@ yarn-error.log*
 # vercel
 .vercel
 
+# agent skills
+.agents/
+.agent/
+.gemini/
+
 # typescript
 *.tsbuildinfo
 next-env.d.ts

web/README.md

@@ -1,36 +1,27 @@
-This is a [Next.js](https://nextjs.org) project bootstrapped with [`create-next-app`](https://nextjs.org/docs/app/api-reference/cli/create-next-app).
+# Monix Web
 
-## Getting Started
+**Comprehensive Web Security Analysis & Threat Intelligence Platform**
 
-First, run the development server:
+Monix Web is a modern, high-performance web application for real-time URL security scanning, SSL certificate validation, DNS analysis, and threat detection. Built with Next.js and powered by **monix-core's security engine**.
 
-```bash
-npm run dev
-# or
-yarn dev
-# or
-pnpm dev
-# or
-bun dev
-```
+## Features
 
-Open [http://localhost:3000](http://localhost:3000) with your browser to see the result.
+### Core Security Analysis
+- **URL Security Scanning** - Comprehensive domain and URL threat assessment
+- **SSL/TLS Certificate Validation** - Full certificate chain analysis, expiry tracking, and issuer verification
+- **DNS Record Analysis** - A, AAAA, MX, NS, TXT, and CNAME record inspection
+- **Security Headers Assessment** - HSTS, CSP, X-Frame-Options, and modern security header scoring
+- **Port Scanning** - Common service discovery (HTTP, HTTPS, SSH, FTP, databases)
+- **Technology Stack Detection** - Server, CMS, framework, and library identification
+- **Geographic Intelligence** - Precise server location and provider mapping
+- **Real-time Threat Scoring** - Multi-factor security risk assessment
 
-You can start editing the page by modifying `app/page.tsx`. The page auto-updates as you edit the file.
+### Powered by monix-core
+Monix Web leverages the battle-tested **monix-core** security engine, which includes:
+- Advanced threat detection algorithms
+- Connection intelligence and pattern analysis
+- GeoIP resolution and network mapping
+- Process and port analysis
+- Real-time security scoring
 
-This project uses [`next/font`](https://nextjs.org/docs/app/building-your-application/optimizing/fonts) to automatically optimize and load [Geist](https://vercel.com/font), a new font family for Vercel.
-
-## Learn More
-
-To learn more about Next.js, take a look at the following resources:
-
-- [Next.js Documentation](https://nextjs.org/docs) - learn about Next.js features and API.
-- [Learn Next.js](https://nextjs.org/learn) - an interactive Next.js tutorial.
-
-You can check out [the Next.js GitHub repository](https://github.com/vercel/next.js) - your feedback and contributions are welcome!
-
-## Deploy on Vercel
-
-The easiest way to deploy your Next.js app is to use the [Vercel Platform](https://vercel.com/new?utm_medium=default-template&filter=next.js&utm_source=create-next-app&utm_campaign=create-next-app-readme) from the creators of Next.js.
-
-Check out our [Next.js deployment documentation](https://nextjs.org/docs/app/building-your-application/deploying) for more details.
+All security logic resides in monix-core (`../core`), ensuring consistency, reliability, and reusability across the Monix ecosystem.