NetAudit netaudit.sreeb.dev
An app for the café question · still in beta

Should I join this Wi-Fi?

Whenever I go to a café, I get curious about the Wi-Fi. What's the network. Who else is connected. Is it fast enough. Is the gateway spoofed.

Before this app I'd open four things. A speed checker. The terminal for pings. An ARP scanner to count devices. Then sit there squinting at all of them at once.

This is all of that, in one app you open from the menu bar.

One line to install brew install sreebalakrishnan/netaudit/netaudit or pick another way below ↓

Here's what it tells you. The same verdict — green, amber or red — rides along in the menu bar as a little Wi-Fi mark, so you can peek without opening anything.

This network looks safe. on "café-guest"
  • Encrypted Wi-Fi.
  • Fast enough for HD video.
  • Snappy response. Calls and games should feel smooth.
  • No tampering signs.
Wi-Fi
Encrypted
WPA3 · strong signal
Internet
Reachable
no captive portal
DNS
Using Cloudflare
trusted public resolver
Download
Fine for HD
18 Mbps · 5 MB in 2.2s
Response time
OK for calls
142 ms · jitter 24 ms
Safety check
No tampering
ARP table looks clean

…and a friendly device list underneath, every phone / TV / printer / IoT thing on the network with one-glance icons.

🛜
TP-Link router
192.168.1.1 · gateway
📱
iPhone
192.168.1.42 · Apple
💻
MacBook Pro
192.168.1.74 · Mac15,8
📺
Apple TV
192.168.1.86 · AppleTV14,1
🔊
HomePod
192.168.1.91 · AudioAccessory6,1
Unknown
192.168.1.118 · web UI: "Login"

macOS 11 or later. Apple Silicon or Intel. ~80 MB. Free, no telemetry. Prefer the terminal? After install, just run netaudit for a verdict without opening a window — or netaudit gui for the menu-bar app.

I haven't paid Apple their $99 yet. Which means: it's signed but not notarized. If you install via the curl one-liner or Homebrew you won't notice. If you double-click the DMG, macOS will warn you the first time and you'll need to right-click → Open. One-time thing.

Not on the App Store. Apple's sandbox would block about half the checks (the interesting ones, mostly). Might tackle that some day. Probably not soon.

Tested mostly on my own LAN at home and at a couple of cafés in Pondy. If you find something weird, drop an issue on GitHub.

Eleven things. The ones I actually care about: whether the gateway MAC looks tampered with (the classic café-MITM tell), jitter (whether calls will stutter), which DNS resolver the network handed me (and whether it's a familiar one), and how many hops my traffic takes to reach the open internet.

Plus the obvious ones — encryption type, download speed, public IP and geo, captive portal detection, whether a VPN is on, whether Apple Private Relay is reachable. And a LAN scan that labels every device on your network as a phone, TV, computer, printer or speaker, using mDNS / SSDP / port profiling.

It also knows your own networks. On a personal hotspot — your phone, your hardware — it won't cry wolf about the "rogue" gateway MAC the way a café check would; it just says trusted. Mark a network as home or office (give it a name, even — handy since recent macOS hides the SSID) and it does the same: skips the public-Wi-Fi nags, but still speaks up if something's genuinely off — an open network, a captive-portal sign-in, a hijacked DNS resolver.

Everything runs locally. The probes are rootless, so no password prompt.

Python backend wrapped in a native macOS shell (rumps for the menu bar, WKWebView for the window). Bundled with py2app. Open source, MIT-ish, do whatever.

github.com/sreebalakrishnan/netaudit