💡 Inspiration

Small teams and student developers rarely have real-time security monitoring, and many traditional tools alert only after the damage is done. We wanted something fast, automated, and intelligent: a security engineer that runs 24/7.

🔐 What It Does

ShieldOS is an autonomous security platform that:

⚡ Detects live attacks (DDoS, SQL injection) using packet sniffing + HTTP middleware

🧠 Analyzes threats with LLM intelligence (Groq 70B)

🔧 Fixes vulnerabilities automatically by generating GitHub Pull Requests

📱 Sends real-time alerts via WebSockets & BlueBubbles iMessage integration

🧪 Includes a built-in attack simulator for testing your defenses

ShieldOS acts like an on-call security engineer, but one that is fully automated.
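As an added example (not ShieldOS code), this is how the regex-plus-heuristic SQL injection check behind the HTTP middleware can be built. Every attacker-controlled field is decoded first (URL-decoding to a fixed point, then 0x hex literals), then scored against weighted patterns so that a lone apostrophe in a name like O'Brien does not page anyone. The pattern list, the weights, the threshold and the `scan_request` / `sqli_guard` names are my assumptions; the FastAPI wiring is guarded so the scorer also runs with FastAPI not installed.

```python
"""Regex + heuristic SQL injection scoring for an HTTP middleware.

Added example, not ShieldOS code. Each attacker-controlled field is
normalised (URL-decoded to a fixed point, 0x.. hex literals expanded)
before matching, so trivially encoded payloads do not slip past.
Pattern weights and THRESHOLD are assumptions, tune them to your traffic.
"""
import re
import urllib.parse
from dataclasses import dataclass, field

# (pattern, weight): a field is flagged when its summed weight reaches
# THRESHOLD. Weak evidence (a bare quote) cannot trigger on its own.
SQLI_PATTERNS = [
    (re.compile(r"(?i)\bunion\b\s+(all\s+)?\bselect\b"), 5),                  # UNION SELECT
    (re.compile(r"(?i)\b(select|insert|update|delete|drop|alter)\b.*\b(from|into|table)\b"), 4),
    (re.compile(r"(?i)'\s*(or|and)\s+['\w]+\s*=\s*['\w]+"), 5),                 # ' OR 1=1, ' or 'a'='a
    (re.compile(r"(?i)\b(sleep|benchmark|pg_sleep)\s*\(|\bwaitfor\s+delay\b"), 5),  # time-based blind
    (re.compile(r"(?i)\b(information_schema|sysobjects|pg_catalog)\b"), 4),    # schema discovery
    (re.compile(r"'\s*(--|#|/\*)"), 4),                                        # quote then comment: admin'--
    (re.compile(r"(--|#|/\*)\s*$"), 2),                                        # trailing comment
    (re.compile(r"'\s*;"), 3),                                                 # stacked query
    (re.compile(r"'"), 1),                                                     # a quote alone is weak evidence
]
THRESHOLD = 5


def normalize(value: str) -> str:
    """Undo the encodings used to hide payloads from naive regexes.

    URL-decodes until the string stops changing (catches %2527 double
    encoding, bounded so a hostile input cannot loop), then rewrites
    0x41424344-style literals as their ASCII text where that decodes.
    """
    prev, cur = None, value
    for _ in range(3):
        if cur == prev:
            break
        prev, cur = cur, urllib.parse.unquote_plus(cur)

    def _hex(m: re.Match) -> str:
        try:
            return bytes.fromhex(m.group(1)).decode("ascii")
        except (ValueError, UnicodeDecodeError):
            return m.group(0)

    return re.sub(r"0x([0-9a-fA-F]{2,})", _hex, cur)


def score_text(text: str):
    """Return (score, matched pattern strings) for one decoded field."""
    text = normalize(text)
    score, hits = 0, []
    for pat, weight in SQLI_PATTERNS:
        if pat.search(text):
            score += weight
            hits.append(pat.pattern)
    return score, hits


@dataclass
class Verdict:
    flagged: bool
    score: int
    matches: list = field(default_factory=list)  # (location, pattern) pairs for the alert


def scan_request(path: str, query: str, headers: dict, body: str = "") -> Verdict:
    """Score each attacker-controlled field separately and flag on the worst one.

    Per-field rather than summed across fields, so several innocent
    apostrophes in different parameters cannot add up to an alert.
    """
    fields = [("path", urllib.parse.unquote(path))]
    fields += [(f"query:{k}", v) for k, v in urllib.parse.parse_qsl(query, keep_blank_values=True)]
    fields += [(f"header:{h}", headers[h]) for h in ("user-agent", "referer", "cookie") if h in headers]
    if body:
        fields.append(("body", body))
    worst, matches = 0, []
    for loc, val in fields:
        score, hits = score_text(val)
        worst = max(worst, score)
        matches += [(loc, h) for h in hits]
    return Verdict(worst >= THRESHOLD, worst, matches)


try:  # the wiring needs FastAPI; the scorer above runs without it
    from fastapi import FastAPI, Request
    from fastapi.responses import JSONResponse

    app = FastAPI()

    @app.middleware("http")
    async def sqli_guard(request: Request, call_next):
        # Path, query and headers only: scanning the body means buffering it
        # so the route handler can still read it, which is left out here.
        headers = {k.lower(): v for k, v in request.headers.items()}
        verdict = scan_request(request.url.path, request.url.query, headers)
        if verdict.flagged:
            # This is where the verdict would be handed to the alert pipeline.
            return JSONResponse({"detail": "request blocked"}, status_code=403)
        return await call_next(request)
except ImportError:
    pass
```

The decode-then-match step is the part that matters in practice: `id=1%2527%2520UNION%2520SELECT...` reaches a naive regex as `1%27%20UNION%20SELECT`, where `\s+` never matches, and sails through. A regex layer like this is a tripwire, not a parser; it will miss anything that is obfuscated beyond the encodings handled here, which is why it is paired with a second detection layer and with parameterised queries in the application itself.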

🛠️ How We Built It

FastAPI backend for HTTP + WebSocket communication

Scapy packet sniffer running on a background thread

Regex + heuristic models for SQL injection detection

Groq LLMs for analyzing attacks, summarizing patterns, and generating Mermaid diagrams

GitHub API + Git CLI for automated remediation and PR creation

BlueBubbles for sending and receiving SMS/iMessage commands

Custom state manager for tracking rates, packets, alerts, and request history

We structured the system into pipelines for detection → analysis → remediation.

🚀 Key Features

Real-Time Threat Detection: dual-layer monitoring (network + app)

LLM-Powered Forensics: human-readable summaries + diagrams

Auto-Fixes: code scanning and LLM-generated patches, delivered as pull requests so a human reviews them before anything is merged

SMS Commands: “start”, “stop”, “analyze”, “fix”, directly from iMessage

Web Dashboard: live packet & alert stream over WebSockets

Attack Simulator: generate DDoS or SQL injection traffic instantly

📈 Challenges We Overcame

Syncing threaded packet capture with an async FastAPI event loop

Handling LLM rate limits with model fallback logic

Building a robust automated PR generator

Normalizing noisy packet data into meaningful insights
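The model-fallback rule from the rate-limit challenge, as an added example that is not ShieldOS code. The point it makes explicit: retry the same model only for a rate-limit response, honour the provider's Retry-After when it is given and otherwise back off exponentially with jitter, cap the attempts, then fall through to the next (smaller) model; any other error is re-raised rather than masked as "try the next model". The model names, the `RateLimited` exception and the `ask` callable are placeholders standing in for a real Groq client.

```python
"""Rate-limit fallback across an ordered list of LLMs.

Added example, not ShieldOS code. `ask(model)` is a placeholder for the
real client call; it raises RateLimited on HTTP 429. Model names below
are placeholders, not real model IDs.
"""
import random
import time
from dataclasses import dataclass, field
from typing import Callable, Optional, Sequence


class RateLimited(Exception):
    """Raised by the client wrapper when the provider answers 429."""

    def __init__(self, retry_after: Optional[float] = None):
        super().__init__("rate limited")
        self.retry_after = retry_after  # seconds, from the Retry-After header if present


@dataclass
class FallbackResult:
    model: str
    output: str
    attempts: list = field(default_factory=list)  # (model, outcome) log for the alert/forensics trail


def call_with_fallback(
    models: Sequence[str],
    ask: Callable[[str], str],
    *,
    max_attempts: int = 3,
    base_delay: float = 0.5,
    max_delay: float = 8.0,
    sleep: Callable[[float], None] = time.sleep,
    rng: Callable[[], float] = random.random,
) -> FallbackResult:
    """Try models in order; per model, retry only on RateLimited, then fall through."""
    attempts = []
    for model in models:
        for n in range(max_attempts):
            try:
                output = ask(model)
            except RateLimited as exc:
                attempts.append((model, "rate_limited"))
                if n == max_attempts - 1:
                    break  # budget for this model spent; move to the next one
                if exc.retry_after is not None:
                    delay = exc.retry_after
                else:
                    # exponential backoff with jitter so many workers do not retry in lockstep
                    delay = min(max_delay, base_delay * 2 ** n) * (0.5 + rng())
                sleep(delay)
                continue
            # Any other exception propagates: a bad prompt or auth failure must not
            # be hidden behind a silent switch to a weaker model.
            attempts.append((model, "ok"))
            return FallbackResult(model, output, attempts)
    raise RuntimeError(f"all models rate limited: {attempts}")


if __name__ == "__main__":
    def flaky_ask(model: str) -> str:
        if model == "model-70b":
            raise RateLimited(retry_after=0.01)
        return f"analysis from {model}"

    print(call_with_fallback(["model-70b", "model-8b"], flaky_ask))
```

Keeping the attempts log on the result matters for a system that writes forensics summaries: when the 70B model was unavailable and a smaller one produced the analysis, that fact belongs in the alert.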

🎉 What We’re Proud Of

Fully autonomous “detect → explain → fix” security workflow

Groq-powered analysis that generates Mermaid diagrams of attack paths

Ability to launch a full security fix PR from an iMessage command

👣 What’s Next

Add anomaly detection with ML models

Build a proper front-end dashboard

Expand to more attack types (XSS, RCE, CSRF)

Dockerized deployment for production environments
