Sandbox Inspector

Live runtime behavioural analysis using psutil. Inspects processes, network connections, and filesystem access. Demo mode simulates and blocks malicious patterns.

KRONOS Sandbox — Demo Mode Active

Demo mode simulates three blocked attack patterns: an outbound connection to a known C2 IP range (185.220.101.0:4444), an attempt to write to /etc/hosts, and a subprocess spawn attempt — all blocked by KRONOS runtime policy.