Noxen — native macOS tool to scan your self-hosted services for CVEs + exposed admin UIs
Hey r/selfhosted,
Launched a thing this week I've been using against my own homelab for a while. Noxen is a Mac-native vulnerability scanner that you point at your self-hosted services over SSH. It walks the package manager (apt/rpm/apk), matches against a daily CVE feed, and tells you which of your Home Assistant / Grafana / Plex / Pi-hole / *arr suite / UniFi / etc. instances have outdated software or an exposed admin UI.
It covers most of the stack this sub talks about every day. The admin-surface catalog recognises ~70 services out of the box — detecting a bare Grafana on :3000 or an open Jellyfin on :8096 is the 90% case, and the remediation text tells you exactly what config knob to turn.
What makes it useful specifically for self-hosting:
- Agentless — no installer on the target. Uses your existing SSH keys.
- LAN scan built in: probes every `_ssh._tcp` Bonjour service + subnet-sweep of port 22, then lets you pick which to enrol.
- Also parses `~/.ssh/config`, so if you already have all your homelab boxes in an SSH config file, onboarding is one click.
- Custom checks: drop a JSON file (or use the in-app editor) for any service the built-in catalog doesn't cover.
Free tier is 3 hosts, $79 one-time for 25. Fine for most home setups. Paid plans add daily CVE feed + scheduled scans + Slack / Discord / Teams webhooks when a new critical lands.
Not MAS — Developer ID signed + notarised + Sparkle auto-update.
Happy to answer anything. Link in comments per sub rules.