Professional network diagnostics CLI with rich terminal output
Project description
ncheck
ncheck is a professional security platform for diagnostics, authorized pentest workflows,
personal security hygiene and passive OSINT.
It is designed for SRE, platform and security teams that need terminal-first checks with
clean rich output and machine-friendly JSON.
Professional Capabilities
- Network diagnostics:
ping: ICMP latency and packet-loss checksdns: hostname resolution by family (any,ipv4,ipv6)http: endpoint reachability and timing checksports: concurrent TCP port scantraceroute: path visibility to a targettls: certificate, issuer, protocol and expiry inspection- Defensive pentest posture:
audit: pentest-style exposure audit for authorized targetssurface: composed attack-surface assessment (DNS + ports + HTTP + TLS)- risky port exposure classification
- HTTP security-header posture analysis
- Passive OSINT toolkit:
osint-domain: WHOIS, DNS intelligence, CT subdomains, security.txt postureosint-email: MX, breach intelligence (optional HIBP API key), identity indicators- Personal security hygiene:
personal-security: local firewall state + listening service exposure triage- System observability:
system: local CPU, memory and top process usage- Engineering quality:
- typed service layer + dataclass result models
- consistent non-zero exit codes on failures/findings
- rich terminal rendering + JSON automation mode
- declarative batch plans (JSON/YAML) for repeatable diagnostics
- optional enterprise GUI dashboard with execution timeline and report export
- unit tests with
pytestand linting withruff
Legal and Ethical Use
Some commands can assess remote exposure (ports, audit, surface, traceroute).
Only run them against systems you own or have explicit permission to test.
audit and surface require --authorized as explicit confirmation.
Installation
pip install -e .
Development setup:
pip install -e .[dev]
Optional extras:
pip install -e .[batch]
pip install -e .[gui]
Command Examples
ncheck --help
ncheck --version
ncheck ping 8.8.8.8 --count 6 --timeout 1.2
ncheck dns github.com --family ipv4
ncheck http https://api.github.com --method HEAD --timeout 3
ncheck ports scanme.nmap.org --ports 22,80,443,8080
ncheck traceroute cloudflare.com --max-hops 25
ncheck tls cloudflare.com --port 443 --fail-on-warnings
ncheck system --top 10
ncheck personal-security --json
ncheck osint-domain example.com --include-subdomains
ncheck osint-email analyst@example.com --hibp-api-key $HIBP_API_KEY
ncheck surface example.com --authorized --ports 21,22,80,443,445 --json
ncheck batch examples/batch-plan.json --json
ncheck gui --host 127.0.0.1 --port 8501
Defensive audit (authorized targets only):
ncheck audit example.com --authorized --ports 21,22,80,443,445,3389
JSON mode for automation:
ncheck ping cloudflare.com --json
ncheck http cloudflare.com --json
ncheck system --json
ncheck audit example.com --authorized --json
ncheck surface example.com --authorized --json
ncheck osint-domain example.com --json
ncheck personal-security --json
ncheck batch plan.yaml --json
Batch Plans (JSON/YAML)
You can execute multiple checks from a single declarative file:
{
"checks": [
{"check": "ping", "host": "8.8.8.8", "count": 4, "timeout": 2.0},
{"check": "dns", "host": "example.com", "family": "ipv4"},
{"check": "osint_domain", "target": "example.com", "include_subdomains": true},
{"check": "personal_security", "top_ports": 20},
{"check": "surface", "host": "example.com", "authorized": true, "ports": "80,443"}
]
}
Rules:
- each item must define
check - check options can be top-level fields or grouped inside
options auditandsurfacerequireauthorized: true
GUI Dashboard
The GUI is web-based and built with Streamlit:
ncheck gui --host 127.0.0.1 --port 8501
It provides:
- interactive forms for diagnostics, pentest posture, OSINT and personal security
- execution timeline with success/failure tracking
- consolidated JSON report download for governance/audit trails
Exit Codes
0: command completed without failure conditions1: runtime error, check failure, or finding-based failure2: invalid CLI usage/argument validation error
Development
ruff check .
pytest
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file ncheck-1.1.1.tar.gz.
File metadata
- Download URL: ncheck-1.1.1.tar.gz
- Upload date:
- Size: 41.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
15a9bf22b89313569bcd6ca6998bb9c111e5f3bfd93a0092eb83276af0d9a5d7
|
|
| MD5 |
291049f494b082ebea2bdffedf90f925
|
|
| BLAKE2b-256 |
48963d1ed11d3ef4990dfa96cbe624e8e62f9992f8739c3d8d8a3955acaf1915
|
File details
Details for the file ncheck-1.1.1-py3-none-any.whl.
File metadata
- Download URL: ncheck-1.1.1-py3-none-any.whl
- Upload date:
- Size: 38.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e6e49b7139d9589eeb19c0eacc4406a8c18307e6a9a08965351502d96c5f70f4
|
|
| MD5 |
5e1f2eb0fa900a9b56589f1343b642dd
|
|
| BLAKE2b-256 |
fe711fd0839649e561f510a3db7ba7511ceebce15bc4280b9d821a64b57ae262
|
