Fix websocket pattern + improve beacon override logic to prevent false positives/negatives

Fix false positives: high-confidence legitimate patterns no longer overridden by beacon indicators

Document machine-readable output fields for scripting (to_json, to_ioc_format, suspicious_connections, iocs)

Add machine-readable output fields for scripting (connections_analyzed, suspicious_connections, iocs, time_range, destination_summary)

Add parsers for syslog, Windows firewall, CSV, and Graylog formats

Fix log parsing: JSON arrays, Zeek format, and beacon detection priority

Update file list to include API reference

Restore API reference for scripting

Fix README - restore full model documentation

Clean up README - remove training section, update file list

Remove examples folder

Remove examples folder

Remove extra documentation

Remove training files from public view

Remove training files from public view

Phase 2 trained model - multi-task learning with adversarial hardening

Add phase 2 multi-task training script

Add training script

Add training documentation

Add normalization parameters for inference

Retrained model with proper normalization - 100% accuracy

Upload folder using huggingface_hub

Upload folder using huggingface_hub

Upload folder using huggingface_hub

Upload folder using huggingface_hub

initial commit