The Terminal Needs More Security Tools š”ļø
If you spend most of your day in the terminal (shoutout to my fellow Neovim and Zsh users), switching to a heavy GUI just to check your network's security posture feels like a context switch you shouldn't have to make.
When you want to know what devices are lurking on your local subnet, or if your nearby WiFi networks are leaking data via outdated encryption, the standard approach usually involves running raw nmap commands and parsing through walls of text.
I wanted something faster, more visual, and entirely keyboard-driven. I wanted a tool that didn't just dump data, but actually analyzed it and gave me a risk score.
So, I built NOVA (Network Observation & Vulnerability Analyzer).
What is NOVA? š
NOVA is a purely defensive security assessment tool written in Go. It wraps powerful underlying system utilities (nmap and nmcli) in a beautiful, interactive Terminal User Interface (TUI).
Instead of parsing terminal vomit, NOVA gives you an organized dashboard to understand your environment.
Core Capabilities:
- š” WiFi Analysis: Instantly list nearby access points. NOVA detects their encryption types (Open, WEP, WPA, WPA2, WPA3) and flags weak or broken configurations.
- š Fuzzy Filtering: Live search by SSID/BSSID and cycle through security filters with a single keystroke.
- š„ļø LAN Host Discovery: Performs a ping-sweep of your subnet to enumerate active hosts, complete with MAC addresses and vendor lookups.
- šØ Risk Scoring & Tagging: This is the best part. NOVA scans common ports and assigns a weighted 0ā100 security score. If it finds a dangerous open port (like an exposed Telnet, SMB, or MongoDB instance), it color-codes the finding from Info to Critical.
The Tech Stack š ļø
Building CLI tools in Go is a fantastic experience, especially when you bring in the right libraries.
- The Engine: Go 1.24+. Fast, statically typed, and perfect for compiling single binaries.
- The UI: Bubble Tea & Lip Gloss. If you haven't used Charm's libraries for Go TUIs yet, you are missing out. They make building interactive terminal apps feel like writing a modern frontend component.
-
The Muscle: NOVA relies on
nmapfor the heavy lifting in host discovery and port scanning, andnmcli(NetworkManager) for grabbing raw wireless data on Linux.
A Crucial Note on Ethics āļø
Because Iām releasing this into the wild, I have to state the obvious: With great power comes great responsibility.
NOVA is a defensive tool. It is designed to help you secure your own home lab or company network. Scanning networks without authorization is illegal. To enforce this mindset, NOVA actually boots up with a strict legal consent screen that you must explicitly acknowledge before any packets are sent.
Keep it legal, keep it ethical.
Try It Out & Break It šØ
NOVA is completely open-source, and I'd love for the community to test it, critique the code, and suggest new features.
If you are on Linux or macOS (note: WiFi scanning is currently Linux-only, but LAN scanning works on both!), you can grab the pre-built binaries from the repo.
š GitHub Repo: github.com/Zayan-Mohamed/nova
š Full Docs: zayan-mohamed.github.io/nova
Iām currently looking for feedback on the Risk Scoring algorithm and how to better present the vulnerability data.
Drop a ā if you find it useful, and let me know in the comments what your go-to network scanning workflow looks like right now!
Top comments (0)