The security dashboard
for sysadmins

50+ modules for auditing, firewall management, VPN, SSL, DNS and network scanning. Runs entirely on your hardware. No cloud. No telemetry.

iptables / nftables WireGuard / OpenVPN BIND9 + RPZ Debian 13 AppArmor zero cloud CLI + browser

netforge — audit

$ netforge audit example.com

✓ SSL / TLS

✓ DNS

✓ Cookie

✓ CORS

✓ Mail

✓ Port Scan

Score: 87/100 — low

$ netforge ssl example.com --json \

| jq '.score'

modules

Full Audit A–Fweb

SSL/TLS, HTTP headers, cookies, CORS, CSP, methods, technology stack, mail, ports. Weighted score with radar chart and PDF report.

Firewalliptables · nftables · ipset

Parser, builder and exporter. 18 audit checks with findings and guided fixes. Rule conflict detection, simulator, diff.

VPNwireguard · openvpn

Configuration generator and auditor. Multi-client, mesh topology, DDNS integration via BIND9 event hooks.

DNSmulti-resolver · bind9 · rpz

Multi-resolver queries, DNSSEC, AXFR, reverse lookup, subdomain discovery. BIND9 config generator with RPZ blocklists.

Network Scannerlan · snmp · l2

LAN and remote subnet scanning with topology map. SNMP audit, NetBIOS hostname discovery, gateway detection.

L2 Anomalyids

Detects ARP Poisoning, DHCP Rogue, DNS Spoofing, SYN Flood, port scan activity, Stratum mining connections.

SSL / TLSx509 · ocsp · hsts

Protocol support, cipher suites, certificate chain, OCSP stapling, HSTS preload, CT logs, forward secrecy. Grade A–F.

Mail Analysisspf · dkim · dmarc · rbl

SPF, automatic DKIM selector discovery, DMARC policy, RBL on 10 blacklists, STARTTLS, MX fingerprint.

CVE & Fingerprintnvd · waf

Technology stack detection, WAF identification, CVE lookup from NVD, sensitive path probing, hardening findings.

The security dashboardfor sysadmins