A powerful system monitoring and security suite powered by advanced AI technology. This application combines real-time network monitoring, threat detection, and intelligent system analysis to provide comprehensive protection for your system.
- Real-time network traffic analysis with basic protocol identification
- Customizable graphing solutions
- Local LLM integration for system management and security analysis
- Easy export of pcap files and network data
- Real-time Traffic Analysis: Monitor network traffic with basic protocol identification
- Protocol Analysis: Basic protocol identification and traffic categorization
- Bandwidth Monitoring: Track bandwidth usage by connection
- Connection Tracking: Monitor active connections and their states
- Network Visualization: Basic visualization of network traffic patterns
- Multi-layered Threat Detection:
- Pattern-based threat detection
- VirusTotal API integration for cloud-based threat intelligence
- File entropy analysis for detecting packed/encrypted malware
- File type detection using libmagic
- Smart False Positive Reduction:
- Whitelist system for development files and trusted locations
- Context-aware scanning with different thresholds
- Secure Quarantine System:
- Isolated quarantine storage with metadata tracking
- File integrity verification
- Ability to restore quarantined files
- Detailed threat information storage
- Agentic AI System:
- Autonomous monitoring and decision making
- Context-aware threat analysis
- Adaptive learning from system behavior
- Proactive threat detection
- Natural Language Processing:
- Command interpretation for system management
- Threat description in plain language
- Context-aware responses
- Machine Learning Models:
- Network traffic pattern analysis
- Anomaly detection
- Behavior-based threat detection
- Adaptive threshold adjustment
- CrewAI Integration:
- Autonomous agent teams for system monitoring
- Role-based agents with specialized functions:
- Security Analyst: Monitors threats and suspicious activity
- System Monitor: Tracks system performance and resources
- Network Inspector: Analyzes network traffic patterns
- Threat Researcher: Investigates potential security issues
- Agent collaboration for complex problem-solving
- Adaptive response planning based on system state
- Human-in-the-loop decision making for critical actions
- Ollama Integration:
- Local LLM deployment for privacy-sensitive operations
- Real-time packet analysis and threat assessment
- Natural language processing for system commands
- Custom-trained models for:
- Network traffic pattern recognition
- Malware behavior analysis
- System anomaly detection
- Command interpretation and validation
- Efficient resource usage with optimized models
- Offline capability for core functions
- AI Agent Orchestration:
- Seamless coordination between CrewAI agents
- Dynamic task allocation based on system needs
- Intelligent escalation of security concerns
- Automated report generation and analysis
- Resource-aware agent scheduling
- Configurable automation levels
- Auto-Discovery and Connection:
- Agents automatically discover and connect to the main application
- UDP broadcast-based discovery on port 5776
- TCP connections for data transfer on port 5775
- Automatic reconnection on network changes
- Support for multiple network interfaces
- Fallback to localhost for development
- Agent Features:
- System metrics collection and reporting
- Real-time monitoring of remote systems
- Resource usage tracking (CPU, memory, disk, network)
- Process monitoring and management
- Event logging and notification
- Secure communication channel with the main server
- Data Collection:
- System performance metrics
- Network connection statistics
- Process information and resource usage
- System events and logs
- Security-related events
- Custom metric collection through plugins
- Security and Privacy:
- Encrypted communication between agents and server
- Authentication for agent connections
- Rate limiting to prevent DoS attacks
- Configurable data collection policies
- Data anonymization options
- Audit logging of all agent activities
- Download just the agent installer:

```bash
curl -O https://raw.githubusercontent.com/sunkencity999/sysDaemonAI/main/remote_agent/install.py
```

- Run the agent installation script:

```bash
python3 install.py
```

This will:
- Install agent-specific dependencies
- Set up agent directories
- Configure autostart
- Create initial configuration
- The agent will be installed to:
  - macOS: `~/Library/Application Support/SysDaemonAgent`
  - Linux: `~/.local/share/sysdaemon-agent`
  - Other: `~/.sysdaemon-agent`
- Start the agent service:
  - macOS:

```bash
python3 ~/Library/Application\ Support/SysDaemonAgent/bin/agent.py
```

Or use the system autostart (configured during installation).

The agent will automatically:
- Listen for server broadcasts on port 5776
- Connect to the discovered server on port 5775
- Begin sending system metrics and data
- Maintain connection and reconnect if needed
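
Because the agent connects to whichever server it discovers, the `allowed_servers` setting in `agent_config.yaml` decides which broadcasts are followed. The sketch below is an added example, not code from the SysDaemon AI project: it audits the `security` block and applies the documented rule that an empty list accepts any server. The function names, the dict-based config and the idea that entries are IP addresses or CIDR ranges are assumptions.

```python
import ipaddress

# Constructed sample: the `security` block as the page's agent_config.yaml ships it.
PAGE_DEFAULT = {"security": {"encrypt_data": True, "verify_server": True,
                             "allowed_servers": []}}
# Constructed sample: same block pinned to one server (192.0.2.10 is a
# documentation address standing in for the real server).
PINNED = {"security": {"encrypt_data": True, "verify_server": True,
                       "allowed_servers": ["192.0.2.10"]}}


def server_allowed(source_ip, allowed_servers):
    """Decide whether a discovery broadcast from source_ip may be followed.

    Keeps the documented rule that an empty list accepts any server.
    Assumption: entries are IP addresses or CIDR ranges.
    """
    if not allowed_servers:
        return True  # documented default: no restriction
    try:
        addr = ipaddress.ip_address(source_ip)
    except ValueError:
        return False  # unparseable source never matches
    for entry in allowed_servers:
        try:
            if addr in ipaddress.ip_network(entry, strict=False):
                return True
        except ValueError:
            continue  # malformed entry matches nothing
    return False


def audit_security(cfg):
    """Return findings for the `security` block of a loaded agent config."""
    sec = cfg.get("security") or {}
    findings = []
    if sec.get("encrypt_data") is not True:
        findings.append("encrypt_data is not enabled")
    if sec.get("verify_server") is not True:
        findings.append("verify_server is not enabled")
    if not sec.get("allowed_servers"):
        findings.append("allowed_servers is empty: any discovered server is accepted")
    return findings


if __name__ == "__main__":
    for name, cfg in (("page default", PAGE_DEFAULT), ("pinned", PINNED)):
        print(name, audit_security(cfg))
        print("  198.51.100.7 accepted:",
              server_allowed("198.51.100.7", cfg["security"]["allowed_servers"]))
```
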
Create `agent_config.yaml` in the agent installation directory:

```yaml
server:
  discovery_port: 5776  # UDP discovery port
  connection_port: 5775  # TCP connection port
  reconnect_interval: 5  # Seconds between reconnection attempts
metrics:
  collection_interval: 60  # Seconds between metric collections
  include:
    - cpu
    - memory
    - disk
    - network
    - processes
  exclude:
    - sensitive_data
security:
  encrypt_data: true
  verify_server: true
  allowed_servers: []  # Empty list means accept any server
```

- Python 3.12+: Core application framework
- PyQt6: Modern, responsive GUI interface
- asyncio: Asynchronous I/O for efficient operations
- Ollama: Local LLM capabilities
- socket: Network communication
- netifaces: Network interface discovery
- psutil: System and process monitoring
- python-magic: File type detection
- VirusTotal API: Cloud-based threat intelligence
- logging: Event and error logging
- Ollama: Local LLM capabilities:
- codellama model
- mistral model
- Python 3.12 or higher
- Homebrew (for macOS dependencies)
- Ollama (for local LLM capabilities)
- System dependencies (installed automatically):
- libmagic
- libpcap
- libffi
- Clone the repository:

```bash
git clone https://github.com/sunkencity999/sysDaemonAI.git
cd sysDaemonAI
```

- Install Python dependencies:

```bash
python3 -m pip install -r requirements.txt
```

- Initialize the database:

```bash
python3 init_db.py
```

- Install Ollama (if not already installed):

```bash
curl https://ollama.ai/install.sh | sh
```

- Pull required models:

```bash
ollama pull codellama
ollama pull mistral
```

- Copy the example configuration:

```bash
cp config.example.yaml config.yaml
```

- Edit the configuration file:

```yaml
network:
  monitor_interfaces:
    - en0
    - en1
  exclude_ports:
    - 22
    - 80
    - 443
virus_scanner:
  scan_interval: 3600  # seconds
  excluded_dirs:
    - /System
    - /Library
  quarantine_dir: ~/.sysdaemon/quarantine
ai:
  ollama:
    host: localhost
    port: 11434
    models:
      - codellama
      - mistral
  agent_teams:
    - security
    - network
    - system
```

- Start the main application:

```bash
python3 main.py
```

- Start the network monitor:

```bash
python3 network_monitor.py
```

- Start the AI agents:

```bash
python3 ai_agents.py
```

- Create a virtual environment:

```bash
python3 -m venv venv
source venv/bin/activate
```

- Install development dependencies:

```bash
pip install -r requirements-dev.txt
```

```bash
pytest tests/
```

```bash
cd docs
make html
```

- Fork the repository
- Create a feature branch
- Make your changes
- Run the tests
- Submit a pull request
Before installing SysDaemon AI, ensure you have:
- macOS 11.0 or later
- Python 3.12 or later
- Administrative privileges
- Command Line Tools for Xcode (for compilation of dependencies)
- Homebrew (recommended for easy installation)
- Personal License: $39/year (single machine)
- Professional License: $99/year (up to five machines)
- Enterprise License: $1499 (unlimited installations)
For support, please:
- Check the documentation
- Search existing issues
- Open a new issue if needed
- Email support@sysdaemonai.com



