A fast, native-Windows LAN scanner for IT admins, MSPs and small businesses. Drop the single .exe on any box, point it at a subnet, and get a clean device inventory — device type and exact model, open ports and services, printer supply levels and heuristic security findings — plus a consultant-quality, single-file HTML report. No installer, no services, no telemetry.
Verify the binary before you run it: Get-FileHash NetLens.exe -Algorithm SHA256 and compare against the hash above (or against the .sha256 sidecar). If your organisation prefers to build from source, the ZIP includes the full tree and a single build.ps1 script that runs CMake configure + a Release build in one step (requires Visual Studio 2022 with the Desktop C++ workload).
LICENSE.txt and NOTICE.txt bundled in source ZIP and repo.%APPDATA% folder, no registry writes, no installer footprint.NetLens.exe — 2.5 MB portable executable.7f21b9a80b8ab1bfb4f64180ff83e876b3a862fe3e43c1da7ee78def9e40ee0f. Verify with Get-FileHash NetLens.exe -Algorithm SHA256.A completed scan of an example /24, then close-ups of the per-host details pane — printer supplies read over SNMP, and the heuristic security findings. Click any image to enlarge.
Everything below ships in the same single executable — no plug-ins, no add-ons, no cloud calls.
GetAdaptersAddresses. The scan-range field is pre-filled with the on-link prefix; ranges above 1024 hosts are flagged.192.168.1.1-254, 192.168.1.10-192.168.1.50 or 192.168.1.0/24.connect() plus select() across a batch of ports: four ports cost one timeout window instead of four. A thread pool with configurable concurrency (default 256, capped at 1024) and locality-aware ordering surfaces populated subnets first on large ranges.GetNameInfo with a hard 800 ms cap per host, so one slow PTR record cannot stall the scan.SendARP for local-subnet hosts, then the embedded IEEE OUI registry (~52,790 entries across MA-L /24, MA-M /28 and MA-S /36 — public IEEE data) resolves the manufacturer of record.select() loop with a 600 ms global budget; source-IP-verified responses drop LAN spoofs.version.bind CHAOS TXT query.select() window per host, so the per-host cost stays bounded no matter how many go silent.public) reads sysDescr / sysName / serial, then walks prtMarkerSupplies (RFC 3805) to surface per-cartridge supply levels — black, cyan, magenta, yellow, drum, fuser, waste toner and maintenance kit — normalised across manufacturers and shown as colour-coded bars.Ctrl+T captures the full visible UI into a timestamped folder..exe; the same static library and stable C header (engine/include/netlens_engine.h) can be linked from any C-ABI consumer for headless or scheduled scans..exe — settings are session-only; nothing is written to %APPDATA% and there are no registry writes.Each version on this page maps to a tagged snapshot on GitHub — binaries are reproducible from the source ZIP.
Two-phase scan fixes.
Deep / All-Ports scans now build on the initial discovery instead of appearing to restart: open ports, services, SMB shares, printer supplies and security findings from the first pass carry through to the full sweep, the scan duration no longer resets at the phase change, and the sweep skips the ports discovery already covered. The Custom Ports field now appears immediately when its preset is selected, with an inline format hint.
Device fingerprinting, security findings & large-scan stability.
This public release rolls up the 1.4 and 1.5 development line. A new Security findings layer surfaces curated CVE / EOL heuristics from observable service banners and version hints — in the details pane and the HTML report; heuristic indicators only, never a confirmed CVE. SMB dialect detection over direct negotiation reports SMB 1.0 / 2.x / 3.x, with anonymous share enumeration where the host permits it. Device fingerprinting widened across routers and firewalls, managed switches, wireless controllers and access points, NAS appliances, server baseboard controllers, hypervisors, VoIP phones and smart-home devices, and a dedicated Model column (grid, HTML, CSV) reads the exact model only from manufacturer-driven, read-only management endpoints — never a raw page title. Printer enrichment now also reads label printers over their native SGD protocol (TCP 9100). Large ranges get an O(1) result accumulator with repaint throttling and a faster Stop on slow / firewalled / VPN hosts. Fixes: removed an incorrect SMB1 / EternalBlue finding that could fire on ordinary SMB 2.1 hosts (Windows 7 / Server 2008 R2 / 2012 and many NAS devices), plus report and export hardening (HTML escaping across every field, a CSV formula-injection guard, codepoint-safe UTF-8 at the engine boundary).
Native Win32 rewrite + scan-engine fork.
From-scratch native Win32 UI on a forked + extended C++ scan engine. Single 2.5 MB statically-linked NetLens.exe with PerMonitorV2 DPI awareness, static CRT, zero runtime DLL dependencies. UDP discovery widened to eight probes (added SQL Browser, LLMNR, IPMI alongside NBNS / NTP / SSDP / mDNS / DNS). New Printer SNMP module reads vendor + model + serial + per-cartridge supply levels via the Printer-MIB. Enrichment overhaul: fewer false positives (win- hostname, TP-Link cameras, IPP/CUPS-on-Linux), Netgear-switch detection, 3CX PBX recognition, anchored hostname rules. Engine reliability fixes from internal + external audits (restart race, clear_results race, cancel-to-100% jump, UTF-8 codepoint truncation, NBNS hostname promotion). HTML report redesign: offline hosts hidden by default; new Printer supplies + UDP discovery sections. Loads cleanly on Windows 7 / 8 / 8.1 / 10 / 11 and Server 2012+ (Win10-only user32 exports resolved at runtime). The CLI subsystem is gone — the GUI is now the only entry point; scripted scans link the engine’s C ABI directly.
UDP service enrichment.
Six parallel UDP probes per online host — NetBIOS 137, mDNS 5353, SSDP 1900, SNMP 161, DNS-version 53, NTP 123 — surface the services TCP-only scanners miss. NetBIOS name now feeds a Hostname fallback when reverse DNS is empty. Risk model picks up SNMP-public reads (Medium), UPnP and NetBIOS exposure (Low). New CSV columns and a UDP section in the HTML report. Auto-disabled for ranges above 1024 hosts.
Licence-clean OUI source.
OUI registry swapped to the IEEE Registration Authority’s public CSV registries (MA-L, MA-M, MA-S) — ~52,790 entries, free public use, no attribution required. The previous source carried a copyleft licence; the new one is unencumbered, so it can be bundled directly into the binary. Generator script rewritten for IEEE’s tab / CSV format. Vendor port-priority profiles unchanged (they hit IEEE-formal organisation names already).
Richer OUI, vendor port-priority, preset manager.
OUI database upgraded to 57,140 entries. New VendorPortProfiles module: video surveillance, MikroTik, VMware, NAS, printers, server BMC, Ubiquiti, Cisco, VoIP phones, Apple, smart-home IoT, ICS / SCADA — each gets a tailored port order so vendor-typical services appear first. New Tools → Manage port presets dialog (view, rename, edit, add, delete) with in-memory edits per session.
Project rename to NetLens.
Binary now ships as NetLens.exe. Internal namespace renamed to netlens::. Resource files renamed. APPDATA folder now %APPDATA%\NetLens\. No functional changes — scan engine, risk model, GUI, CLI, exports, baseline format and monitor logic are identical to v1.0.8.
Review-driven hardening.
Scan default flipped to Deep so Windows boxes that block ICMP no longer get silently missed. Concurrency dropped from 2048 to 1024 to play nicely with consumer-router rate-limits. Scanner-to-UI handoff is now strictly UI-thread (heap payload + PostMessage). Cancelled-scan progress bug fixed. DNS auto-off for ranges above 1024 hosts. HTML export shows scan state explicitly with an amber banner for cancelled runs.
It really is free and open source. We built NetLens for our own engineering work and use it on client engagements; publishing it is a way to give something back to the small-business IT community. There is no upsell, no “pro” tier, no licence server. If you need a customised variant for your team, that’s a paid engagement — the public tool stays free.
On first launch SmartScreen may show “Windows protected your PC”; click More info → Run anyway. Verify the SHA-256 above against the .sha256 sidecar with Get-FileHash NetLens.exe -Algorithm SHA256. If your organisation requires building from source instead, the ZIP includes the full tree and a one-step build.ps1 — the resulting binary is identical to ours.
No. NetLens uses standard Windows socket APIs (connected TCP and UDP sockets, SendARP, GetNameInfo, GetAdaptersAddresses). No raw sockets, no kernel driver, no admin token required.
NetLens is built for the everyday LAN-inventory job on small and medium business networks: “who is on this subnet, what are they running, give me a report I can send to the customer.” It is intentionally focused — portable single-file binary, fast scans, vendor-aware port priority, UDP service enrichment, clean CSV / HTML reports. For deep security auditing or red-team work, a dedicated security scanner is the right choice; NetLens is not designed for that workflow.
Yes. The adapter dropdown lists every IPv4 interface, including VPN virtual adapters. Pick the VPN adapter and the suggested range comes from its on-link prefix.
v1.3 ships GUI-only — the standalone CLI subsystem from earlier versions was removed. For scripted / scheduled scans, link the engine’s C ABI directly: engine/include/netlens_engine.h is a stable C header (no C++ types, no STL), and the engine builds as a static library that any C-ABI consumer can link. CSV / HTML exports remain RFC-4180-clean and self-contained respectively.
All third-party names, marks, logos and brand identifiers visible on this page — in body copy, in screenshots, in scan-result tables and in the embedded source listings — are the property of their respective owners. 3389 Software Outsourcing SRL is not affiliated with, sponsored by, endorsed by, or in partnership with any of these companies, products or services.
Manufacturer names that appear in NetLens scan results are derived from the publicly available IEEE Registration Authority OUI registry via the MAC address of each scanned host. They represent the manufacturer-of-record reported by IEEE for that address block; they do not imply any commercial relationship or compatibility claim. The screenshots on this page use synthetic data generated for product demonstration.
References to other tools, services, file formats or operating systems are made solely to describe interoperability, file-format compatibility or technical context. No competitive comparison or endorsement is implied. If you believe content on this page misrepresents your brand, please contact us and we will address it promptly.
Different protocols, custom report layout, on-prem integration, branded output, embedded use inside a larger product — we’ve done all of those. Tell us what you need.