Core Capabilities
Everything you need for enterprise-grade server defense, right in your terminal.
Real-Time Monitoring
Monitor all active TCP connections, track states (ESTABLISHED, LISTEN), and view live statistics with 1-second updates.
Threat Detection
Identify SYN floods, port scanning, and high connection counts instantly with automated threshold alerts.
Process Intelligence
Map every connection to a PID and process name. Identify exactly which service is communicating.
Geographic Intel
Automatic GeoIP lookup for every connection. See city, country, and ISP organizations immediately.
Security Scanning
Deep scan mode checks for dangerous open ports, default configurations, and suspicious outbound traffic.
Terminal Dashboard
A rich, interactive CLI dashboard with color-coded states, sortable tables, and real-time alert panels.
Command Line Power
Monarx Sentinel is precise, fast, and scriptable. Designed for DevOps engineers and security analysts who live in the terminal.
Monarx Sentinel Security Scan v1.0.0
----------------------------------------
- Detected abnormally high SYN_RECV count (45)
----------------------------------------
Scan Complete: 1 Warning found
Technical Breakdown
Details for the details-obsessed.
Connection Intelligence
- TCP State Analysis
- IPv4 & IPv6 Support
- /proc/net/tcp direct parsing
- Reverse DNS Resolution
Threat Engine
- Half-open connection detection
- Rapid port scan identification
- Connection exhaustion alerts
- Botnet activity pattern matching
System Integration
- Process ID (PID) mapping
- Executable name resolution
- Cross-platform (Linux/macOS)
- Docker container support