Nightly security audits for your homelab.
From your Mac. Without the SaaS.
Noxen is a Mac-native app that runs agentless nightly audits against your remote Linux boxes and VPSs. CVEs, weak SSH, rotting TLS, exposed admin panels — caught the morning after. Findings sync to your iPhone.
Coming soon — $79 one-time See what it scans
Pre-launch. Ships soon. Follow updates via the blog.
What Noxen checks, every night
- SSH inventory — reads /etc/os-release, kernel, dpkg/rpm packages, sshd_config, authorized_keys.
- CPE → CVE matching — against a signed feed sourced from VulnCheck NVD++, OSV.dev, and GHSA.
- TLS audit — weak ciphers, deprecated protocols, HSTS, OCSP stapling, near-expiry certs.
- Port scan — top 1000 ports via Apple's Network framework. App-Sandbox-compatible.
- HTTP security headers — CSP, X-Frame-Options, Referrer-Policy, Permissions-Policy, HSTS.
- Exposed admin surfaces — phpMyAdmin, Grafana, Portainer, Kibana, unauth Elasticsearch / Redis / Mongo. Flag only — never authenticates.
- Diff-from-yesterday view — only shows what changed since the last scan.
- PDF report export — summary, per-host detail, remediation hints.
- iOS view-only companion — host list, dashboard, push on critical findings.
Pareto Security for your whole fleet.
Pareto Security is the friendly Mac-native security app — but it audits only the local Mac. Noxen extends the same UX to every remote box you own, agentless over SSH.