discover--arp --passive
Active ARP sweeps plus a passive ARP/DHCP sniffer surface new devices the moment they talk — no agents, no config.
root@inspectre:~$ inspectre scan --lan --discover
[+] ARP sweep started on eth0 (192.168.0.0/24)
[+] passive ARP/DHCP sniffer attached … listening
[+] 47 hosts up · 312 ports · 6 CVEs flagged · 0 bytes left your LAN
Know every device on your network.
InSpectre automatically discovers, tracks, fingerprints, and security-scans every device on your LAN — then lets you block, monitor and get alerted on all of it. Self-hosted, end to end.
▸ get inspectre ▸ read the docs
root@inspectre:~$ █
# inspectre --summary
| 4 | containers — frontend · backend · probe · postgres | |
| 25 | built-in network & diagnostic tools | |
| 16 | notification channel types | |
| 0 | bytes leave your LAN by default |
$ man inspectre — capabilities(7)
scan--vuln
Nuclei + nmap -sV CVE scanning per device, with scheduled sweeps and a severity-grouped security dashboard.
block--arp-mitm
Cut any device off the internet via ARP MITM. Pause the whole network, or schedule recurring per-device / per-person blocks.
presence--per-person
Group a household member's devices under one person, see Home/Away at a glance, and block by person.
traffic--speedtest
Per-device traffic analysis — domains, countries, unusual ports — plus scheduled Ookla speed tests.
watch--sse
A live Server-Sent Events stream pushes changes to the UI, backed by polling so the dashboard always stays current.
containers--docker --proxmox
Watch Docker & Proxmox hosts, stream logs, and Trivy-scan images for CVEs — all in the same UI.
fingerprint--oui --dhcp
OUI, DHCP and port-pattern matching — with optional Fingerbank lookups — auto-classify every device.
notify--profiles
Notification profiles route any event to 16 channel types: ntfy, Gotify, Pushbullet, Pushover, Slack, Telegram, Discord, Email, Matrix, MS Teams, Signal, WhatsApp, MQTT, IFTTT, Webhook & Home Assistant.
plugins--declarative
Extend discovery, presence, DNS, traffic & blocking with a single YAML/JSON manifest — no code. Plugin guide →
auth--jwt
Built-in JWT login with an optional 30-day "remember me", plus AES-256-GCM encrypted backups & restore.
homeassistant--mqtt
Optional Home Assistant MQTT auto-discovery publishes presence, new-device, IP, port and vuln sensors.
# people, not just MACs
See who's home at a glance
Group the phone, laptop, watch and tablet a household member carries under a single named person. InSpectre turns "is any of their kit online?" into a clear Home/Away state.
- Colour-coded Home / Away cards with presence history
- Nominate a primary device as the source of truth
- Block all of a person's devices in one click
- Recurring per-person block schedules
- Arrived-home / left-home notifications
┌─ presence ───────────────┐ │ │ │ ● alex HOME 4 dev │ │ ● sam HOME 3 dev │ │ ○ jordan AWAY 2 dev │ │ ● guest HOME 1 dev │ │ │ │ [block] [schedule] [+] │ └──────────────────────────┘
┌─ data flow ──────────────┐ │ │ │ LAN ─────────► InSpectre│ │ InSpectre ──► ∅ cloud │ │ │ │ outbound ...... opt-in │ │ accounts ...... none │ │ backups ....... AES-256 │ │ auth .......... JWT │ └──────────────────────────┘
# your data stays yours
100% self-hosted. No cloud. No accounts.
InSpectre runs as four small containers — frontend, backend, probe and a PostgreSQL database — on hardware you control. Nothing about your network ever leaves your LAN unless you explicitly enable an outbound integration.
- Built-in auth with JWT sessions & "remember me"
- Encrypted (AES-256-GCM) backups & restore
- Optional Home Assistant MQTT auto-discovery
- Guided first-run setup wizard — no file editing
Spin it up in under a minute.
# download & run the installer — no git clone, no building
$ curl -fsSL https://raw.githubusercontent.com/thefunkygibbon/InSpectre/main/inspectre-install.sh | bash