Launching today on Product Hunt
Your homelab is fifteen Linux boxes you own.
None of them have been audited in months.
Noxen is a Mac app that runs nightly agentless audits of your remote Linux fleet over SSH. CVEs, weak SSH config, expiring TLS, exposed admin panels — caught the morning after. Mac-native. No SaaS round-trip. $79 one-time, free tier for 3 hosts.
What it is
The Mac control plane for your homelab security
Connect to your Linux boxes over SSH on your existing keys.
Inventory what's installed. Run a port + admin-surface probe.
Audit your sshd_config and TLS. Match everything
against a daily-rebuilt CVE feed from VulnCheck NVD++ and
OSV.dev. The morning-after report tells you what changed on
your fleet overnight.
- Mac-native.No Electron, no Docker, no web dashboard. The app is the control plane.
- Agentless.Reuses your existing SSH keys. Nothing installed on the boxes you scan.
- No SaaS round-trip.Inventory + findings live on your Mac. There is no Noxen cloud to compromise.
- One-time license.$79 buys Noxen 1.x for 25 hosts. Subscription tiers are optional.
Pricing — at a glance
Pay once for the app. Subscribe only for the daily feed.
Why we built it
The gap between two bad options
Homelab security has been stuck between
(a) apt list --upgradable on every box every
Saturday and (b) pay enterprise-scanner pricing for
tools that weren't built for fleets you actually own.
Noxen is the missing middle: Mac-native, agentless,
homelab-priced.
The data sources are public — we never enrich, never re-score, never invent. The signing keys are bundled in the app and verified before any record touches your local store. The bundle ships notarised by Apple. Nothing about how this works is closed-source magic; the docs spell out every byte path.
What it deliberately isn't
Not an exploit tool. Noxen flags exposed Grafana / phpMyAdmin / Pi-hole panels but never authenticates against them. That's a product decision; defence-in-depth research, not a credential-test framework.
Not a compliance product. Findings are evidence, not certifications. CIS Controls v8 / SOC 2 / ISO 27001 mappings are included as evidence supplements when you need them, not as claims you can hand to an auditor unedited.
Final word
Try it free. No credit card.
The free tier covers 3 hosts and never expires. The $79 license is one-time — buy it once, use it forever on the version you bought. Year-1 of CVE feed updates is included; year-2+ is optional ($39/year).