Discover every device on your network, audit for known CVEs, run active penetration tests, and isolate threats — all from a single desktop application.
Built from 14 independent modules — each one focused on a specific layer of network security.
Broadcasts ARP requests across your /24 subnet to identify every connected device — including those that block ICMP ping.
Queries the NIST NVD REST API v2.0 in real time — matching device banners and vendor signatures against known vulnerabilities.
Actively tests default credentials, unauthenticated RTSP access, FTP anonymous login, MQTT brokers, and SMB null sessions.
Live packet capture with protocol breakdown. Detects SYN floods, port scans, ARP spoofing, and ICMP floods in real time.
Instantly blocks compromised devices using Windows Firewall rules — no router access needed. One click to isolate, one to restore.
Continuous background monitoring at configurable intervals. Alerts on new devices, risk escalations, and port changes automatically.
Weighted 0–100 risk score per device and network-wide. CRITICAL=25pts, HIGH=15pts. Grades from Minimal to Critical Exposure.
One-click professional report generation. Includes device inventory, CVE findings, red team results, fix recommendations and score trends.
Every scan stored in SQLite with score trends, device counts, and change detection. Export full history as CSV in one click.
Six automated stages run sequentially — from raw discovery to actionable remediation.
ARP broadcast maps every device on your subnet. Double-verified to eliminate false positives.
MAC vendor lookup, HTTP banner grab, TLS check, UPnP fingerprint, and OS detection via ICMP TTL.
Live NIST NVD query with 3-retry logic. Full CVE descriptions, CVSS scores, and NVD links.
Active red team tests with ethics consent gate. Compromised devices escalate all CVEs to CRITICAL.
Because NetProbe is an independent security tool without an expensive corporate code-signing certificate,
Windows Defender SmartScreen may display a warning on first launch.
This is standard for all new independent software on Windows.
To proceed: click "More info" → "Run anyway".
The full source code is publicly available on GitHub for independent verification.
A VirusTotal scan report (0/70 detections) is linked above.
Standalone installer — no Python, no dependencies, no configuration.
Windows 10 (64-bit) or Windows 11. Must be run as Administrator for ARP scanning and firewall operations.
Active Wi-Fi or Ethernet connection on a local /24 subnet. Internet required for live CVE lookup via NIST NVD API.
Fully self-contained .exe installer. Python runtime, Npcap, Scapy and all libraries are bundled internally.
Free, open source, and runs entirely on your own machine. No data leaves your network.
Version 1.0.0 · MIT License · Windows 10/11 64-bit