Netfox

Product Introduction

1. Definition: Netfox is a native, SwiftUI-based network monitoring and security analysis application for macOS. It is a local-first, privacy-focused tool designed to provide real-time visibility and historical analysis of all devices connected to a local area network (LAN).
2. Core Value Proposition: Netfox exists to solve the fragmented, incomplete, and privacy-invasive nature of home and small office network monitoring. It provides a single, persistent, and privacy-respecting window into all connected devices—from Apple gadgets and smart TVs to IoT devices and printers—offering live status, connection history, and actionable security insights without requiring a cloud account or sending data off the user's Mac.

Main Features

1. Multi-Source Network Discovery: Netfox employs a comprehensive, multi-protocol discovery engine that runs in parallel. It combines passive listening (Bonjour/mDNS, ARP cache, SSDP, NetBIOS) with active ICMP probing to detect devices. This hybrid approach ensures maximum coverage, capturing everything from chatty Apple devices to quiet, headless IoT gadgets, consolidating them into a single unified device list.
2. Per-Device Historical Timeline: Unlike single-scan tools, Netfox maintains a persistent, per-device history database on the local machine. This includes the exact timestamp of first and last seen, every online/offline state transition, and a record of all IP address, hostname, and vendor changes. This timeline provides crucial context for troubleshooting and security monitoring.
3. One-Click Security & Port Scan: The Security tool performs a curated, unprivileged TCP port check against a defined list of common home-network ports (e.g., SSH, Telnet, RDP, SMB, HTTP/S, MQTT, database ports). Each open port is classified by risk level, and a built-in Risk Inspector provides plain-English explanations of potential vulnerabilities and recommended mitigation steps, making network security accessible to non-experts.
4. Intelligent Alerting System: The app features a configurable alert system with five distinct notification types: New Device, Returning Device, Risky Device, Port State Change, and New Service Discovery. Alerts are managed through an inbox-style log, and users can mute alerts on a per-device basis, allowing for focused monitoring of the network's dynamic state.
5. Native macOS Integration & Privacy: Built entirely with SwiftUI for macOS 15+, Netfox delivers a fast, native user experience with system appearance support, keyboard shortcuts, and context menus. It includes a unique Demo Mode (⌘⇧D) that instantly anonymizes the UI for screenshots. Crucially, it operates with a strict no-cloud, no-telemetry policy; all network data and history remain stored locally on the user's Mac.

Problems Solved

1. Pain Point: Traditional network monitoring is fragmented and lacks historical context. Router admin pages show only current connections with outdated UIs, while command-line tools like arp or nmap provide point-in-time data without persistence, requiring manual correlation and offering no "big picture" view.
2. Target Audience: The primary user personas are privacy-conscious Mac users, smart home enthusiasts, IT professionals managing home offices, and developers who need to debug network-dependent applications. It caters to users who want granular control and visibility without vendor lock-in or cloud dependencies.
3. Use Cases: Essential scenarios include identifying unauthorized devices on a home Wi-Fi network, troubleshooting intermittent connectivity issues by reviewing a device's historical online/offline pattern, quickly assessing the security posture of new IoT devices (like smart plugs or cameras), and preparing for screen shares or bug reports by using Demo Mode to obfuscate sensitive network information.

Unique Advantages

1. Differentiation: Compared to router admin panels, Netfox offers a modern, native UI with full history. Versus vendor cloud apps (e.g., from router manufacturers), it guarantees data privacy and works with any network hardware. Against powerful but complex tools like Wireshark or nmap, Netfox provides an automated, persistent, and GUI-driven approach tailored for continuous LAN monitoring.
2. Key Innovation: The core innovation is the synthesis of multiple discovery protocols into a single, persistent device intelligence engine. By merging Bonjour, ARP, SSDP, NetBIOS, and active probe data over time, Netfox creates a rich, evolving profile for each physical device on the network, a capability typically absent in consumer-grade tools. The privacy-centric design, including the one-keystroke Demo Mode, is also a standout feature in the network utility space.

Frequently Asked Questions (FAQ)

1. Is Netfox a free network monitor for Mac? Yes, Netfox is currently a completely free application for macOS. The developer offers it with the option for users to voluntarily sponsor the project to support its ongoing development and maintenance.
2. How does Netfox detect devices on my network without admin access? Netfox uses a combination of standard, non-intrusive network protocols available to any application on macOS. It reads the system's ARP cache, listens for Bonjour/mDNS broadcasts, sends SSDP and NetBIOS discovery requests, and performs simple ICMP (ping) probes. No root privileges are required for these core discovery functions.
3. Does the Netfox security scan pose any risk to my devices? No. The security scan performs basic TCP connection attempts to well-known ports and immediately closes the connection if it is successful. This is a non-intrusive method identical to what a web browser does when loading a page. It does not perform exploitation, fingerprinting, or use raw sockets, making it safe for use on home network devices.
4. Can Netfox monitor devices on a separate guest Wi-Fi or VLAN? No. Netfox can only see devices on the same broadcast domain (subnet) as your Mac. If your router isolates guest networks or uses VLANs, devices on those segregated networks are invisible to your Mac's network interface, and therefore cannot be detected by Netfox or any other local monitoring software.
5. Why does Netfox require Location permission for Wi-Fi details on macOS? This is a macOS system-level restriction. Apple gates access to detailed Wi-Fi network information (like the SSID name) behind the Location Services permission. Netfox uses this permission solely to read the current Wi-Fi network name and neighbor list; it does not track, store, or transmit your geographical location.