by itfourall 435 days ago
One thing I found surprising while building this: how invisible Layer 2 issues can be in modern networks. Most monitoring tools (Zabbix, Prometheus, etc.) stop at ICMP or SNMP – but they don't tell you when a looped switch starts flooding broadcasts or when ARP replies look suspicious.

BroadcastDetector tries to fill that gap by being completely passive and focused. It doesn't touch your devices, it just watches traffic from a mirror/trunk port and tries to find patterns you’d usually only spot after a meltdown.

The whole system runs headless with a simple web interface, logs everything, and alerts based on loop/spoof patterns. It’s written in Python and optimized for Raspberry Pi or Debian-based systems.

If you’ve built anything like this (or used tools like Wireshark/tcpdump for long-term monitoring), I’d love to hear how you approached it. Happy to swap ideas or improve it based on real-world experience.
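
A sketch of the kind of passive Layer 2 check the comment describes, added here as an illustration and not taken from BroadcastDetector: it parses raw Ethernet frames, as a mirror or trunk port would deliver them, and flags per-source broadcast floods and ARP bindings that change. The function names, the window and threshold values, and the sample frames are all assumptions made for this example.

```python
import struct
from collections import Counter
BCAST = b"\xff" * 6
def mac(b): return b.hex(":")                     # bytes.hex(sep) needs Python 3.8+
def ip(b): return ".".join(map(str, b))

def analyze(frames, window=1.0, storm_threshold=100):
    """frames: (timestamp, raw Ethernet bytes) pairs. Thresholds are assumed values."""
    alerts, bindings, counts = [], {}, Counter()
    for ts, raw in frames:
        if len(raw) < 14:
            continue                                  # runt frame, no full header
        dst, src = raw[:6], raw[6:12]
        (etype,), body = struct.unpack("!H", raw[12:14]), raw[14:]
        if etype == 0x8100 and len(body) >= 4:        # 802.1Q tag, present on trunk mirrors
            (etype,), body = struct.unpack("!H", body[2:4]), body[4:]
        if dst == BCAST:
            key = (int(ts // window), src)
            counts[key] += 1
            if counts[key] == storm_threshold + 1:    # alert once per source per window
                alerts.append(("broadcast_storm", mac(src), key[0]))
        if etype != 0x0806 or len(body) < 28:
            continue                                  # not ARP, or truncated ARP
        htype, ptype, hlen, plen, _op = struct.unpack("!HHBBH", body[:8])
        if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
            continue                                  # only Ethernet/IPv4 ARP
        sha, spa = body[8:14], body[14:18]
        if sha != src:                                # ARP sender MAC differs from frame source
            alerts.append(("arp_sender_mismatch", ip(spa), mac(sha), mac(src)))
        if spa != b"\x00" * 4:                        # skip ARP probes (sender 0.0.0.0)
            old = bindings.get(spa)
            if old not in (None, sha):                # IP now claimed by a different MAC
                alerts.append(("arp_binding_changed", ip(spa), mac(old), mac(sha)))
            bindings[spa] = sha
    return alerts

def arp_frame(src, sha, spa, tpa, op=2, vlan=None):
    """Build a broadcast ARP frame; used only to construct the sample data."""
    tag = struct.pack("!HH", 0x8100, vlan) if vlan is not None else b""
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op) + sha + spa + b"\x00" * 6 + tpa
    return BCAST + src + tag + struct.pack("!H", 0x0806) + arp

# Constructed sample traffic: every MAC and IP below is made up for illustration.
GW, HOST, ROGUE = (bytes.fromhex(h) for h in ("020000000001", "020000000002", "0200000000ff"))
GW_IP, HOST_IP = bytes([192, 168, 1, 1]), bytes([192, 168, 1, 20])
SAMPLE = [(0.0, arp_frame(GW, GW, GW_IP, HOST_IP)), (0.5, arp_frame(HOST, HOST, HOST_IP, GW_IP, 1, 10)),
          (2.0, arp_frame(ROGUE, ROGUE, GW_IP, HOST_IP))]
SAMPLE += [(5.0 + i / 1000, arp_frame(HOST, HOST, HOST_IP, GW_IP, op=1)) for i in range(150)]
if __name__ == "__main__": print(*analyze(SAMPLE), sep="\n")
```

A fixed per-source threshold is the simplest possible heuristic; on a real segment it would need tuning against normal ARP and DHCP broadcast levels, and DHCP lease changes will legitimately trigger the binding-change alert.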