README
¶
netcheck
A comprehensive network gateway security assessment tool for identifying vulnerabilities in home and small office routers.
Features
- Gateway Discovery: Automatically detects your network gateway
- Service Detection: Identifies UPnP, NAT-PMP, mDNS, SSDP, and other network services
- Security Analysis: Tests for default credentials, exposed services, and misconfigurations
- Port Mapping Enumeration: Discovers active UPnP port forwards
- Device Fingerprinting: Identifies router vendor, model, and serial numbers
- IPv6 Assessment: Checks IPv6 configuration and potential firewall bypasses
- Comprehensive Reporting: Prioritized security issues with actionable recommendations
Detectors
| Detector | Flag | Default | Description |
|---|---|---|---|
| Web Interface | --web |
✅ | Tests router web interface, detects vendor, and checks default credentials |
| Port Scanning | --ports |
✅ | Scans common management ports (SSH, HTTP, HTTPS, SNMP, etc.) |
| UPnP Discovery | --upnp |
✅ | Discovers UPnP services and enumerates active port mappings |
| NAT-PMP | --natpmp |
✅ | Detects NAT-PMP services for automatic port mapping |
| IPv6 Analysis | --ipv6 |
✅ | Analyzes IPv6 configuration and connectivity |
| API Discovery | --api |
✅ | Checks for exposed router APIs and CGI scripts |
| mDNS Discovery | --mdns |
🔧 | Comprehensive mDNS/Bonjour service discovery |
| SSDP Discovery | --ssdp |
🔧 | Discovers SSDP services (DLNA, IoT devices) |
| Starlink Detection | --starlink |
🔧 | Specialized Starlink Dishy detection |
| Routing Info | --routes |
🔧 | Displays routing table information |
| Device Info | --device |
🔧 | Shows network interface and device information |
| External IP | --external |
🔧 | Discovers external IPv4/IPv6 addresses |
| LLDP Discovery | --lldp |
🔧 | Link Layer Discovery Protocol analysis |
Special Flags
| Flag | Description |
|---|---|
--all |
Run all available detectors |
--default |
Run only the default detector suite |
--show-virtual |
Include virtual network interfaces (VPN tunnels, Docker bridges, etc.) |
--proxy |
Test proxy configuration (requires --external) |
Legend: ✅ = Enabled by default, 🔧 = Flag required
Quick Start
Try netcheck without installation:
go run github.com/R167/netcheck@latest
Installation
git clone https://github.com/R167/netcheck.git
cd netcheck
go build -o netcheck
Usage
Basic Security Scan
./netcheck
Run Specific Detectors
./netcheck --mdns # mDNS service discovery
./netcheck --external --proxy # External IP with proxy testing
./netcheck --all # All available tests
Example Output
🔍 Network Gateway Security Checker
====================================
🌐 Gateway IP: 192.168.1.1
🔍 Checking web interface...
📱 Detected vendor: Netgear
🔐 Testing default credentials for netgear...
🚨 Default credentials work: admin/password
🔍 Checking UPnP services...
📡 UPnP SSDP discovered
📄 Device: Netgear R7000 (NETGEAR, Inc.)
🔓 Found 3 port mapping(s)
*:80 → 192.168.1.100:80 (TCP)
*:22 → 192.168.1.50:22 (TCP)
📊 Security Assessment Report
=============================
Vendor: Netgear
Model: R7000
Issues Found: 3
🚨 Security Issues:
1. 🚨 [CRITICAL] Default credentials are active
Username: 'admin', Password: 'password'
2. ⚠️ [HIGH] Active UPnP port mappings detected
Found 3 active port forwarding rules that may expose internal services
3. 🔶 [MEDIUM] UPnP service is enabled
UPnP can expose internal services and allow port forwarding
Security Analysis
The tool performs comprehensive security analysis including:
- Default Credentials: Tests vendor-specific default login combinations
- Service Discovery: UPnP, SSDP, NAT-PMP, mDNS/Bonjour, IPv6 configuration
- Port Scanning: Common management ports (SSH, HTTP, HTTPS, SNMP, Telnet)
- API Enumeration: Router APIs, CGI scripts, WPS configuration
- Device Fingerprinting: Vendor, model, and serial number identification
Supported Vendors
Linksys, Netgear, D-Link, TP-Link, ASUS, Cisco, Belkin, Motorola, and others.
Security Issues
Issues are categorized by severity:
- 🚨 Critical: Default credentials, exposed admin interfaces
- ⚠️ High: Active UPnP port mappings, Telnet exposure, exposed CGI scripts
- 🔶 Medium: UPnP/NAT-PMP enabled, SSH exposure, IPv6 issues, WPS enabled
- ℹ️ Low: mDNS exposure, information disclosure
Contributing
Contributions are welcome! Please feel free to submit issues, feature requests, or pull requests.
Disclaimer
This tool is intended for security assessment of networks you own or have explicit permission to test. Users are responsible for complying with all applicable laws and regulations.
Documentation
¶
There is no documentation for this package.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Package checkers provides the core checker framework for netcheck security assessments.
|
Package checkers provides the core checker framework for netcheck security assessments. |
|
api
Package api provides router API endpoint discovery and security assessment functionality for netcheck.
|
Package api provides router API endpoint discovery and security assessment functionality for netcheck. |
|
common
Package common provides shared types and constants used across all netcheck checkers.
|
Package common provides shared types and constants used across all netcheck checkers. |
|
device
Package device provides local device and network interface analysis functionality for netcheck.
|
Package device provides local device and network interface analysis functionality for netcheck. |
|
external
Package external provides external IP address discovery and proxy detection functionality for netcheck.
|
Package external provides external IP address discovery and proxy detection functionality for netcheck. |
|
ipv6
Package ipv6 provides IPv6 configuration analysis and security assessment functionality for netcheck.
|
Package ipv6 provides IPv6 configuration analysis and security assessment functionality for netcheck. |
|
lldp
Package lldp provides Link Layer Discovery Protocol (LLDP) neighbor discovery functionality for netcheck.
|
Package lldp provides Link Layer Discovery Protocol (LLDP) neighbor discovery functionality for netcheck. |
|
mdns
Package mdns provides multicast DNS (mDNS) service discovery functionality for netcheck.
|
Package mdns provides multicast DNS (mDNS) service discovery functionality for netcheck. |
|
natpmp
Package natpmp provides NAT Port Mapping Protocol (NAT-PMP) detection functionality for netcheck.
|
Package natpmp provides NAT Port Mapping Protocol (NAT-PMP) detection functionality for netcheck. |
|
ports
Package ports provides router port scanning functionality.
|
Package ports provides router port scanning functionality. |
|
routes
Package routes provides network routing table analysis functionality for netcheck.
|
Package routes provides network routing table analysis functionality for netcheck. |
|
ssdp
Package ssdp provides SSDP (Simple Service Discovery Protocol) service discovery functionality for netcheck.
|
Package ssdp provides SSDP (Simple Service Discovery Protocol) service discovery functionality for netcheck. |
|
starlink
Package starlink provides Starlink Dishy detection and security assessment functionality for netcheck.
|
Package starlink provides Starlink Dishy detection and security assessment functionality for netcheck. |
|
upnp
Package upnp provides UPnP/SSDP discovery and port mapping enumeration.
|
Package upnp provides UPnP/SSDP discovery and port mapping enumeration. |
|
web
Package web provides router web interface detection and default credential testing.
|
Package web provides router web interface detection and default credential testing. |
|
internal
|
|
|
cli
Package cli provides the command-line interface for netcheck.
|
Package cli provides the command-line interface for netcheck. |
|
mcp
Package mcp provides Model Context Protocol server implementation for netcheck.
|
Package mcp provides Model Context Protocol server implementation for netcheck. |
|
output
Package output provides output interfaces for checkers, enabling both streaming and buffered output modes.
|
Package output provides output interfaces for checkers, enabling both streaming and buffered output modes. |
|
runner
Package runner provides the execution context and orchestration for security checkers.
|
Package runner provides the execution context and orchestration for security checkers. |
Click to show internal directories.
Click to hide internal directories.