Real-time network attack visualization on a 3D ASCII globe with neofetch-style system info
Monitor YOUR computer for incoming connection attempts, port scans, and firewall blocks - all displayed on a beautiful rotating 3D globe with smooth animations and vibrant colors.
Created by ringmast4r | Version: v1.6.4 (SemVer)
DEATH STAR monitors YOUR computer with a stunning terminal dashboard featuring:
- 💀 Death Star Mode - Toggle between spinning globe and static Death Star ASCII art
- 🌍 3D Spinning ASCII Globe - Smooth 30 FPS rotation with lighting effects
- 📊 Live Attack Feed - Real-time display of blocked connections with IP geolocation and threat intelligence
- 🔒 Port Scan Detection - Automatically detects 5+ ports scanned within 60 seconds
- 🌐 IPv6 Support - Full support for IPv6 addresses (link-local, localhost, unique local)
- 💻 Enhanced System Info - Shows OS, Architecture, BIOS, CPU, GPU, CPU Load/Temp, RAM, Disk, Battery, Network type, and more
- 🎨 7 Beautiful Themes - Matrix, Amber, Nord, Dracula, Mono, Rainbow, and Skittles
- 🌈 16-Color Skittles Mode - Fully randomized candy colors across the globe
- ⚡ Flicker-Free Rendering - Using blessed library for smooth 30 FPS terminal control
- 🎮 Interactive Controls - Death Star toggle, theme switching, lighting effects, pause, and plus mode
- 🖥️ Cross-platform - Works on Windows and Linux
DEATH STAR is a 100% defensive, educational, open-source security tool.
This tool is designed exclusively for:
- ✅ Monitoring YOUR OWN computer - Visualize firewall blocks on your system
- ✅ Educational purposes - Learn about network security, port scans, and attack patterns
- ✅ Defensive security - Understand what threats target your network
- ✅ Security awareness - Help non-technical users understand network traffic
- ✅ Open-source learning - Study real-time log parsing and data visualization
✅ DOES:
- Reads firewall logs from YOUR computer only
- Displays blocked connection attempts in real-time
- Provides educational context about network protocols and services
- Helps you understand what's targeting your system
- All data stays 100% local - nothing is uploaded or shared
❌ DOES NOT:
- Attack, scan, or probe other systems
- Collect credentials or sensitive data
- Perform any offensive security actions
- Access other people's networks or systems
- Send any data outside your computer
- 🔒 Read-only access - Only reads existing firewall logs, never modifies anything
- 🏠 100% local - All processing happens on your computer
- 🔐 No telemetry - No tracking, analytics, or data collection
- 📖 Open source - Full transparency, audit the code yourself
- 🎓 Educational first - Built to teach, not to exploit
This tool should ONLY be used:
- On systems you own or have explicit permission to monitor
- For learning about network security and defensive practices
- To understand what threats exist in the real world
- As a visualization tool for your own firewall logs
Misuse Policy:
- The developers do not support any malicious or unauthorized use
- Using this tool to monitor networks you don't own is illegal and unethical
- This tool is for defense and education, not offense
DEATH STAR is an excellent tool for:
- Teaching students about network protocols and firewall behavior
- Demonstrating real-world attack patterns in a safe, controlled environment
- Explaining IPv4/IPv6 addressing, port scanning, and threat assessment
- Visualizing abstract security concepts with real-time data
- Workshops on defensive security and incident response
By using this tool, you agree to use it responsibly and ethically.
- Minimal Footprint - GitHub repository contains only files needed by end users
- 6 Essential Files - Just the executable, source code, docs, and testing tools
- No Clutter - Developer tools (build scripts, signing tools) kept local only
- Easy Access - Download and run without confusion
- 5x Faster Live Feed - Reduced polling from 50ms to 10ms for near-instant updates
- Real-time Responsiveness - Entries appear within 10-20ms of being logged
- Optimized for Speed - Minimal CPU impact while maximizing detection speed
- Automatic CSV Logging - Saves all attack data to
logs/directory - Daily Rotation - New file each day:
attacks_YYYY-MM-DD.csv - 12 Data Columns - Timestamp, IPs, Port, Protocol, Service, Country, City, ISP, Threat Level, Attack Type, Action
- Excel Compatible - Open directly in Excel or Google Sheets
- Thread-Safe - No performance impact on dashboard
- Privacy First - All data stays on your computer
Example log file:
Timestamp,Source_IP,Dest_IP,Port,Protocol,Service,Country,City,ISP,Threat_Level,Attack_Type,Action
2025-10-05 15:30:22,45.76.142.23,10.0.0.226,22,TCP,SSH,US,New York,DigitalOcean,CLOUD,PROBE,DROP- Press 'O' for Detailed Analysis - Educational panel explains what you're seeing
- IP Type Identification - Explains IPv6 Link-Local, Multicast, Private IPs, Public IPs
- Service Descriptions - Detailed info on common ports (mDNS, SSH, RDP, SMB, HTTP, etc.)
- Smart Verdicts - Tells you if traffic is normal/harmless or potentially malicious
- Educational Context - Explains what each service does, why it's blocked, and common uses
- Perfect for Non-Technical Users - Translates technical network data into plain language
Example Analysis:
SOURCE IP: fe80::b622:82ab:8074:9290
Type: IPv6 Link-Local
Meaning: A device on your local network (not internet)
Assessment: Safe - Private network device
TARGET PORT: 5353 (mDNS - Multicast DNS)
Purpose: Device discovery on local networks
Common Uses: Printers, Apple devices (AirPlay/AirDrop), smart home
Why Blocked: Windows Firewall blocks multicast by default
VERDICT:
This is NORMAL, HARMLESS local network traffic.
Your devices are doing routine network discovery.
Not an attack - just standard network operations.
- Smooth 20 FPS Animation - Optimized for performance and smooth rotation
- 50-second rotation period - Complete revolution every 50 seconds (adjustable)
- ASCII Character Progression - Full gradient: @ → # → % → o → = → + → - → . → `
- Lighting Effects - Optional dimming/shading effect (toggle with 'L')
- Plus Mode - Simplified rendering with '+' characters (toggle with 'P')
- Anti-aliasing - Boosted density for sharper symbols and better land/ocean contrast
- Skip Animation - Press Enter during startup to skip intro animation
- Rainbow Mode - 7-color spectrum with fluorescent RGB values
- Skittles Mode - 16 vibrant candy colors with pseudo-random distribution
- No Color Banding - Fixed solid cyan/purple rows with proper randomization
- True RGB Colors - Direct ANSI escape codes for Windows 10+ VT100 support
- Static ASCII Art - Beautiful Death Star visualization with superlaser dish detail
- Dynamic Scaling - Automatically sizes to match globe dimensions
- Theme Support - Works with all 7 color themes including Rainbow and Skittles
- Lighting Effects - Press 'L' to dim/brighten the Death Star
- Seamless Toggle - Press 'D' to switch between Death Star and Globe instantly
- Expanded System Info:
- OS (Windows 10/11 build, Linux distro)
- Architecture (x64, ARM64, etc.)
- BIOS Version
- Hostname
- Network Type (WiFi/Ethernet)
- Terminal Type (Windows Terminal, CMD, PowerShell, etc.)
- Screen Resolution
- Motherboard
- CPU model
- CPU Load (real-time percentage)
- CPU Temperature (if available)
- GPU model (NVIDIA GeForce RTX, Intel UHD, etc.)
- RAM (Total / Used with percentage)
- Disk (Total / Used with percentage)
- Battery (percentage, status, time remaining - laptops only)
- System Uptime
- Clean Layout - User@Host header with system details below
- D - Toggle Death Star mode (switch between globe and Death Star)
- O - Toggle Operator Mode (detailed analysis with IP/service explanations)
- T - Cycle through 7 themes (instant switching)
- L - Toggle lighting/dimming effect on/off
- P - Toggle plus mode (simplify rendering)
- A - Toggle Attack Details panel (show detailed info on latest attack)
- Space - Pause/Resume globe rotation
- C - Toggle control legend
- Enter - Skip startup animation (during intro only)
- Q or Ctrl+C - Exit
Choose your platform:
Step 1: Clone the repository
git clone https://github.com/Ringmast4r/DEATH_STAR.git
cd DEATH_STARStep 2: Install dependencies
pip install blessed psutilStep 3: Run DEATH STAR
# Demo mode (no firewall setup needed)
python dashboard.py --demo
# OR with real firewall logs (requires admin)
python dashboard.py🎯 Want the EXE version?
- Run
build.batto createdist\DEATH_STAR.exe - Double-click the EXE and allow admin access
- Done!
Step 1: Clone the repository
git clone https://github.com/Ringmast4r/DEATH_STAR.git
cd DEATH_STARStep 2: Install dependencies
Option A - via apt (recommended for Kali/Debian/Ubuntu):
sudo apt install python3-blessed python3-psutilOption B - via pip (if apt packages not available):
pip3 install blessed psutil --break-system-packagesStep 3: Run DEATH STAR
# Demo mode (no firewall setup needed)
python3 dashboard.py --demo
# OR with real firewall logs (requires sudo)
sudo python3 dashboard.pyStep 1: Clone the repository
git clone https://github.com/Ringmast4r/DEATH_STAR.git
cd DEATH_STARStep 2: Install dependencies
pip3 install blessed psutilStep 3: Run DEATH STAR
# Demo mode (no firewall setup needed)
python3 dashboard.py --demo
# OR with real firewall logs (requires sudo)
sudo python3 dashboard.pyTry different color schemes:
--theme matrix- Green hacker aesthetic (default)--theme rainbow- 7-color spectrum--theme skittles- 16 random candy colors--theme dracula- Dark with magenta--theme nord- Cool cyan--theme amber- Retro orange CRT--theme mono- Black & white
Press 'T' while running to cycle through themes!
DEATH STAR needs Windows Firewall logging enabled to monitor real attacks:
- Open Windows Security (search in Start menu)
- Click Firewall & network protection
- Click "Advanced settings" (blue link on left side)
- This opens "Windows Defender Firewall with Advanced Security"
- Right-click on "Windows Defender Firewall with Advanced Security on Local Computer"
- This is at the top of the left sidebar tree
- Select "Properties" from the context menu
You'll see tabs for: Domain Profile, Private Profile, Public Profile
For EACH of these 3 tabs, do the following:
- Click the tab (Domain, then Private, then Public)
- Scroll down to find the "Logging" section (near the bottom)
- Click the "Customize..." button
- In the "Customize Logging Settings" window:
- Find "Log dropped packets"
- Change it from "No" to "Yes"
- (Optional) Set "Log successful connections" to "Yes" for more data
- Click "OK"
- Repeat steps 6-10 for all 3 profiles (Domain, Private, Public)
- Click "Apply", then "OK" to close Properties
Press Win + R, type wf.msc, press Enter - opens Advanced Security directly
After enabling, wait a few minutes then check:
dir C:\Windows\System32\LogFiles\Firewall\pfirewall.logIf the file exists with size > 0 KB, logging is active!
Default log location: C:\Windows\System32\LogFiles\Firewall\pfirewall.log
DEATH STAR supports both UFW and iptables on Linux. Choose the section for your firewall:
UFW (Uncomplicated Firewall) is the default on Ubuntu-based systems.
- Enable UFW logging:
# Enable UFW logging
sudo ufw logging on
# Set logging level (optional - 'low', 'medium', 'high', 'full')
sudo ufw logging medium- Verify UFW is active and logging:
# Check UFW status
sudo ufw status verbose
# Should show: Logging: on (medium)- Check log file location:
# UFW logs to /var/log/ufw.log
ls -lh /var/log/ufw.log
# View recent entries
sudo tail -20 /var/log/ufw.log- Add logging rule to iptables:
# Log dropped packets (INPUT chain)
sudo iptables -I INPUT -j LOG --log-prefix "[FIREWALL DROP] " --log-level 4
# Make rule persistent (Ubuntu/Debian)
sudo iptables-save | sudo tee /etc/iptables/rules.v4
# Make rule persistent (RHEL/CentOS)
sudo service iptables save- Configure rsyslog to separate firewall logs (optional but recommended):
# Create rsyslog config for firewall
echo ':msg, contains, "[FIREWALL DROP]" /var/log/iptables.log' | sudo tee /etc/rsyslog.d/10-iptables.conf
# Restart rsyslog
sudo systemctl restart rsyslog- Verify logging:
# Check kernel log
sudo tail -f /var/log/kern.log | grep FIREWALL
# Or check dedicated iptables log (if configured above)
sudo tail -f /var/log/iptables.log# Navigate to DEATH STAR folder
cd DEATH_STAR
# Install dependencies
pip install blessed psutil
# Run with sudo to access firewall logs
sudo python dashboard.py --theme matrix
# Specify custom log path (if needed)
sudo python dashboard.py --log-path /var/log/ufw.log
# Or run in demo mode (no sudo needed)
python dashboard.py --demo- UFW:
/var/log/ufw.log - iptables (kernel log):
/var/log/kern.log - iptables (custom):
/var/log/iptables.log(if configured)
After enabling logging, generate test traffic:
# Try to access a blocked port (will be logged)
telnet localhost 23
# Check if it appears in logs
sudo tail /var/log/ufw.log
# or
sudo tail /var/log/kern.log | grep FIREWALLWant to see DEATH STAR in action immediately? Use demo mode:
python dashboard.py --demoThis simulates live attack traffic without requiring firewall logs.
Need to take screenshots for documentation? Use screenshot demo mode:
python dashboard.py --demo-screenshotWhat it does:
- Immediately populates feed with 17 diverse fake attacks (no waiting!)
- Shows all threat levels: CLOUD (yellow), HOSTING (red), SAFE/ISP (green)
- Includes port scan example (same IP hitting 6+ ports)
- Displays various countries: US, CN, RU, DE, NL, FR, GB, BR
- Shows different services: SSH, RDP, HTTP, MySQL, SMB, Telnet, VNC, etc.
- NEW: Masks ALL real system stats with fake data (v1.6.4)
- Fake hostname:
DEATHSTAR-PC - Fake username:
operator - Fake IP:
192.168.1.100 - Fake MAC:
00:1a:2b:3c:4d:5e - Fake hardware specs (CPU, GPU, RAM, etc.)
- Fake hostname:
- Perfect for taking clean screenshots without exposing ANY real data
Want to test with real firewall log entries? Use the included test script:
Right-click test_firewall.bat → "Run as Administrator"
How it works:
- Creates temporary outbound block rules via Windows Firewall
- Attempts connections to those ports (which get blocked and logged)
- Automatically cleans up all temporary rules
What it generates:
- ✅ 15 real blocked firewall log entries
- ✅ Common attack ports (SSH, RDP, SMB, MySQL, VNC, MSSQL, FTP, Telnet, etc.)
- ✅ Port scan pattern (5+ ports from same IP 45.76.142.23)
- ✅ Both TCP and UDP protocols
- ✅ Entries show in DEATH STAR within 5-10 seconds
Perfect for:
- Testing the Live Feed in real-time
- Demonstrating DEATH STAR features
- Verifying firewall logging is working
# Default matrix theme
python dashboard.py
# Demo mode with simulated attack traffic
python dashboard.py --demo
# Skittles candy theme with 16 random colors
python dashboard.py --theme skittles
# Rainbow spectrum theme
python dashboard.py --theme rainbow
# Custom rotation speed (default 50 seconds)
python dashboard.py --rotation 60
# Combine demo mode with themes
python dashboard.py --demo --theme dracula
# Screenshot demo mode (for taking photos)
python dashboard.py --demo-screenshot --theme matrix--theme {matrix,amber,nord,dracula,mono,rainbow,skittles}
Color theme (default: matrix)
--rotation SECONDS
Globe rotation period in seconds (default: 50)
--log-path PATH
Custom firewall log file path (auto-detected if not specified)
--demo
Enable demo mode with simulated attack traffic
Perfect for testing without real firewall logs
--demo-screenshot
Enable screenshot demo mode with immediate diverse fake data
17 pre-loaded attacks showing all features
Masks ALL system stats (hostname, IP, MAC, hardware specs)
Perfect for taking README photos without exposing real data
- matrix - Classic green hacker aesthetic 🟢
- amber - Retro CRT orange 🟠
- nord - Cool Scandinavian cyan 🔵
- dracula - Dark with magenta accents 🟣
- mono - Monochrome white on black ⚪
- rainbow - 7-color fluorescent spectrum 🌈
- skittles - 16 vibrant candy colors 🍬
┌─────────────────────────────────────┬──────────────────────────────────────────────────┐
│ Attack Globe / Death Star │ Live Feed │
│ │ │
│ Rotating 3D ASCII Globe (press D) │ TIME SRC IP DST IP PORT PROTO STATUS SVC │
│ OR Static Death Star Display │ ────────────────────────────────────────────────────────────────── │
│ │ 14:23:45 203.0.113.45 10.0.0.226 22 TCP BLOCKED SSH │
│ @ = Land (high density) │ 14:23:46 198.51.100.8 10.0.0.226 3389 TCP BLOCKED RDP │
│ # = Land (medium) │ 14:23:47 203.0.113.45 10.0.0.226 445 TCP BLOCKED SMB │
│ + = Land (low) / Plus mode │ 14:23:48 10.0.0.251 10.0.0.226 5353 UDP BLOCKED mDNS │
│ - = Ocean │ 14:23:49 192.0.2.156 10.0.0.226 8080 TCP BLOCKED HTTP-AL │
│ * = Attack markers │ │
│ ├──────────────────────────────────────────────────┤
│ [D] Death Star [T] Theme │ Stats - MATRIX │
│ [L] Lighting [P] Plus │ │
│ [Space] Pause [C] Legend │ Squir@DESKTOP-PC │
│ │ ─────────────── │
│ │ System IP: 10.0.0.128 │
│ │ MAC Addr: 84:11:45:... │
│ │ OS: Windows 10 │
│ │ Architecture: AMD64 │
│ │ CPU: Intel i7-9700K │
│ │ CPU Load: 2.7% │
│ │ GPU: RTX 3070 │
│ │ RAM: 8GB / 32GB (25%) │
│ │ Battery: 99% (Charging) │
│ │ RUNNING | C for legend v1.6.2 │
└─────────────────────────────────────┴──────────────────────────────────────────────────┘
- TIME - Timestamp of the connection attempt (HH:MM:SS)
- SRC IP - Source IP address attempting the connection (max 13 chars, truncated if longer)
- DST IP - Destination IP (your machine's IP being targeted, max 13 chars)
- PORT - Destination port being targeted
- PROTO - Protocol (TCP, UDP, ICMP)
- STATUS - Connection status (color-coded)
- 🔴 BLOCKED - Connection dropped by firewall (red)
- 🟢 ALLOWED - Connection permitted by firewall (green) [future feature]
- SVC - Identified service (max 7 chars, e.g., SSH, RDP, NetBIOS, HTTP-AL)
- CC - Country code (2-letter ISO code)
- THREAT - Threat assessment (SAFE/ISP, CLOUD, HOSTING, LOCAL, UNKNOWN)
- 🟢 SAFE/ISP - Residential/ISP connections (green)
- 🟡 CLOUD - Cloud providers (AWS, Azure, GCP) - yellow
- 🔴 HOSTING - Hosting/VPS providers - red
- ⚪ LOCAL - Private network IPs
- ⚪ UNKNOWN - Unclassified
Press A to toggle detailed information about the most recent attack:
┌─ Attack Details ─────────────────────────┐
│ IP Address: 203.0.113.45 │
│ Location: Beijing, China (CN) │
│ ISP/Org: China Telecom │
│ │
│ Target Port: 22 (SSH) │
│ Protocol: TCP │
│ Timestamp: 2025-10-05 14:23:45 │
│ │
│ Threat Level: HOSTING │
│ Attack Type: PROBE │
│ Attempts: 3 │
│ │
└──────────────────────────────────────────┘
Press [A] to close
- blessed library - Smooth terminal control (like Go's tcell)
- ANSI RGB escape codes - Direct color codes
\033[38;2;R;G;Bmfor true color - VT100 terminal mode - Windows console mode 7 for ANSI support
- 3D projection - Equirectangular to sphere mapping
- 120x60 Earth bitmap - Character map for land/ocean data
- Double buffering - Build entire frame before single write
- Lambertian shading - Physically-based diffuse lighting
- Light follow mode - Sun rotates opposite to globe at 23.5° tilt
- Minimum ambient - 0.2 ambient light prevents pure black shadows
- Surface normals - 3D vector math for proper shading
- Direct RGB values - Matching Go implementation exactly
- Skittles hashing - Prime number multipliers for pseudo-random distribution
- 16-bit color index - Values 1-16 for skittles, 0-6 for rainbow
- psutil - Cross-platform system/hardware info
- subprocess + wmic - Windows GPU detection
- platform module - OS and CPU info
- Neofetch-inspired - Clean stats display matching neofetch output
- Background caching - System info updated every 2 seconds in separate thread
- Lightning-fast controls - Instant theme switching and interaction response
DEATH STAR monitors dropped/blocked connections from your firewall:
- Parses:
C:\Windows\System32\LogFiles\Firewall\pfirewall.log - Shows: Blocked incoming connection attempts
- UFW:
/var/log/ufw.log - iptables:
/var/log/iptables.logor/var/log/kern.log
What you see:
- Source IP addresses trying to connect
- Destination ports they're targeting (SSH, RDP, HTTP, etc.)
- Geographic origin (country, city)
- Connection protocol (TCP, UDP, ICMP)
- Live feed with username and password attempts
- No data leaves your computer - Everything runs locally
- Read-only - Only reads firewall logs, never modifies anything
- No telemetry - No tracking, analytics, or phone-home
blessed - Terminal control and formatting
psutil - System and hardware information
platform - OS detection
subprocess - GPU detection (Windows)
Install with:
pip install -r requirements.txtpyinstaller - Convert Python script to executable
Install with:
pip install -r requirements-build.txt- ringmast4r - Creator and maintainer
- SecKC-MHN-Globe - Original Go implementation for globe rendering algorithms
- dylanaraps/neofetch - System info display inspiration
- blessed library - Beautiful terminal control for Python
- psutil - Cross-platform system information
BSD 2-Clause License - Copyright (c) 2025, ringmast4r
See LICENSE file for full text.
Contributions welcome! Feel free to:
- Report bugs
- Suggest features
- Submit pull requests
- Share your custom themes
A: YES! (As of v1.6.0) DEATH STAR automatically saves all attack data to CSV files.
- Reads from: Windows Firewall logs (
C:\Windows\System32\LogFiles\Firewall\pfirewall.log) - Saves to:
logs/directory in CSV format - File naming:
attacks_YYYY-MM-DD.csv(one file per day) - Auto-rotation: New file created automatically each day at midnight
- Privacy: All data stays on your computer - nothing is uploaded
CSV includes 12 columns:
- Timestamp, Source IP, Dest IP, Port, Protocol, Service
- Country, City, ISP, Threat Level, Attack Type, Action
Example: logs/attacks_2025-10-05.csv
Open in Excel, Google Sheets, or import into your favorite database for analysis!
A: This is normal and safe - DEATH STAR uses a self-signed certificate.
When you run DEATH_STAR.exe, Windows shows a UAC prompt that says "Unknown Publisher." This happens because:
- The exe is signed with a self-signed certificate (not from a commercial Certificate Authority)
- Windows only recognizes certificates from trusted CAs like Verisign, DigiCert, etc.
- Self-signed certificates are perfectly safe for personal use, but Windows can't verify the publisher
Is it safe? Yes! This is standard for open-source software. You can verify the exe is legitimate by:
- Downloading only from the official GitHub repository
- Checking the file hash matches the release
- Building from source yourself if you prefer
Note: You can click "Yes" on the UAC prompt to run the software. The "Unknown Publisher" warning is cosmetic and doesn't affect functionality.
A: This was a bug in v1.5.0, fixed in v1.5.1.
- Old behavior (v1.5.0): Pressing '1' tried to run without data → crash
- New behavior (v1.5.1): Pressing '1' automatically enables demo mode → works fine
Update to v1.5.1 or later to fix this issue.
A: Windows Firewall might not be logging outbound blocked connections.
Check these settings:
- Open
wf.msc(Win+R → typewf.msc→ Enter) - Right-click "Windows Defender Firewall with Advanced Security"
- Select "Properties"
- For each profile (Domain, Private, Public):
- Click the profile tab
- Find "Logging" section → Click "Customize..."
- Set "Log dropped packets" to YES
- Click OK
- Click Apply → OK
Note: By default, Windows Firewall allows outbound connections, so the test script creates temporary block rules to generate log entries.
A: DEATH STAR checks for recent log entries (within last 5 minutes).
- If your firewall is on but hasn't blocked anything recently → shows "inactive"
- This is normal if you have no current attack traffic
- Run
test_firewall.batas admin to generate test entries - Or use
--demomode to see simulated traffic
A: This is normal Windows Firewall behavior - NOT a DEATH STAR bug.
What's happening:
- Windows Firewall batches log writes for performance (30-60 second intervals)
- Test script creates entries immediately, but Windows delays writing them to the log file
- DEATH STAR detects and displays entries within 10-20ms once Windows writes them
How to test properly:
- Start DEATH_STAR.exe (keep it running)
- Run test_firewall.bat as admin in another terminal
- Wait 30-60 seconds - entries will appear all at once
- Real attacks show up normally (ongoing traffic triggers more frequent writes)
This is a Windows limitation - log batching is hardcoded and cannot be disabled.
- Smooth 3D globe rendering
- Exact Go implementation lighting
- Rainbow and Skittles themes
- Neofetch-style system info
- Export attack data to CSV (v1.6.0)
- Live packet capture mode
- JSON export for integration
- Web dashboard interface
- Alert notifications for high-volume attacks
- Historical attack playback from logs
Built with ❤️ by ringmast4r | Stay safe out there! 🛡️