A small, fast, native-Windows LAN scanner and host monitor for IT admins, consultants
and small businesses. Drop the .exe on the box, point it at a subnet,
get a clean inventory and a consultant-quality HTML report — no installer,
no licence server, no telemetry.
Verify the binary before you run it: Get-FileHash NetLens.exe -Algorithm SHA256 and compare against
the hash above (or against the .sha256 sidecar). If your organisation prefers to build from source,
the ZIP includes the full build tree and a single build-release.bat script.
LICENSE.txt and NOTICE.txt bundled in source ZIP and repo.NetLens.exe — 2.3 MB single-file portable executable.a593c49123edbb5f5aa004d9603ce683d94102d8c72b7dc6e5ea75e289f76557. Verify with Get-FileHash NetLens.exe -Algorithm SHA256.Main scan window, scan results sorted by risk, and a sample HTML report.
The full feature set in one page — everything below is in the box, in the same single executable.
GetAdaptersAddresses. The scan-range field is pre-filled with the on-link prefix; ranges above 1024 hosts are flagged.192.168.1.1-254, 192.168.1.10-192.168.1.50 or 192.168.1.0/24.connect() plus select() across all ports in a batch: four ports cost one timeout window instead of four. Thread pool with configurable concurrency, default 256, capped at 1024.GetNameInfo with a hard 800 ms cap per host, so one slow PTR record cannot stall the entire scan.SendARP for local-subnet hosts, then the embedded IEEE OUI registry (~52,790 entries across MA-L /24, MA-M /28 and MA-S /36 — public IEEE data, no attribution required) resolves the vendor name._services._dns-sd._udp.local, surfaces the service catalogue advertised by printers, NAS, Apple devices, Chromecast / Roku, AirPlay.M-SEARCH ssdp:all, identifies consumer routers, smart TVs, DLNA servers.public) — reads sysDescr.0; often the cleanest way to identify Cisco / Mikrotik / Juniper firmware versions.version.bind CHAOS TXT query.WSAECONNRESET on recv(), which we read as “service absent” without further work. Six sockets share one select() window per host.--no-udp on the CLI or via Tools → Settings → Resolve UDP services.public reads as Medium; UPnP, NetBIOS name exposure and DNS version disclosure come through as Low.--range or --help for headless / scripted use. CLI exit codes: 0 success, 1 bad arguments, 2 scan error, 3 export error..exe. Logs go to %APPDATA%\NetLens\.Same binary — pass scan arguments to switch to CLI mode.
NetLens.exe --help
NetLens.exe --list-adapters
NetLens.exe --range 192.168.6.1-254 --preset quick
NetLens.exe --range 192.168.6.0/24 --mode deep --csv report.csv --html report.html
NetLens.exe --range 192.168.6.1-254 --no-dns --no-udp --online-only--range <expr> a.b.c.d-n, a.b.c.d-a.b.c.d or a.b.c.d/n--mode <id> deep (default), fast, discovery--preset <id> quick (default), windows, remote, web, common--ports <csv> Custom port list, overrides --preset--timeout <ms> Per-probe timeout, default 400, clamped [50, 10000]--parallel <n> Max concurrent host probes, default 256, clamped [1, 1024]--csv <path> Write CSV report--html <path> Write single-file HTML report--no-dns Disable reverse DNS--no-mac Disable MAC lookup--no-udp Disable UDP service probes--online-only Skip offline hosts in output / reportsEach version on this page maps to a complete source snapshot in the ZIP — binaries are reproducible.
UDP service enrichment.
Six parallel UDP probes per online host — NetBIOS 137, mDNS 5353, SSDP 1900, SNMP 161, DNS-version 53, NTP 123 — surface the services TCP-only scanners miss. NetBIOS name now feeds a Hostname fallback when reverse DNS is empty. Risk model picks up SNMP-public reads (Medium), UPnP and NetBIOS exposure (Low). New CSV columns and a UDP section in the HTML report. Auto-disabled for ranges above 1024 hosts.
Licence-clean OUI source.
OUI registry swapped to the IEEE Registration Authority’s public CSV registries (MA-L, MA-M, MA-S) — ~52,790 entries, free public use, no attribution required. The previous source carried a copyleft licence; the new one is unencumbered, so it can be bundled directly into the binary. Generator script rewritten for IEEE’s tab / CSV format. Vendor port-priority profiles unchanged (they hit IEEE-formal organisation names already).
Richer OUI, vendor port-priority, preset manager.
OUI database upgraded to 57,140 entries. New VendorPortProfiles module: video surveillance, MikroTik, VMware, NAS, printers, server BMC, Ubiquiti, Cisco, VoIP phones, Apple, smart-home IoT, ICS / SCADA — each gets a tailored port order so vendor-typical services appear first. New Tools → Manage port presets dialog (view, rename, edit, add, delete) with in-memory edits per session.
Project rename to NetLens.
Binary now ships as NetLens.exe. Internal namespace renamed to netlens::. Resource files renamed. APPDATA folder now %APPDATA%\NetLens\. No functional changes — scan engine, risk model, GUI, CLI, exports, baseline format and monitor logic are identical to v1.0.8.
Review-driven hardening.
Scan default flipped to Deep so Windows boxes that block ICMP no longer get silently missed. Concurrency dropped from 2048 to 1024 to play nicely with consumer-router rate-limits. Scanner-to-UI handoff is now strictly UI-thread (heap payload + PostMessage). Cancelled-scan progress bug fixed. DNS auto-off for ranges above 1024 hosts. HTML export shows scan state explicitly with an amber banner for cancelled runs.
It really is free and open source. We built NetLens for our own engineering work and use it on client engagements; publishing it is a way to give something back to the small-business IT community. There is no upsell, no “pro” tier, no licence server. If you need a customised variant for your team, that’s a paid engagement — the public tool stays free.
On first launch SmartScreen may show “Windows protected your PC”; click More info → Run anyway. Verify the SHA-256 above against the .sha256 sidecar with Get-FileHash NetLens.exe -Algorithm SHA256. If your organisation requires building from source instead, the ZIP includes the full tree and a one-step build-release.bat — the resulting binary is identical to ours.
No. NetLens uses standard Windows socket APIs (connected TCP and UDP sockets, SendARP, GetNameInfo, GetAdaptersAddresses). No raw sockets, no kernel driver, no admin token required.
NetLens is built for the everyday LAN-inventory job on small and medium business networks: “who is on this subnet, what are they running, give me a report I can send to the customer.” It is intentionally focused — portable single-file binary, fast scans, vendor-aware port priority, UDP service enrichment, clean CSV / HTML reports. For deep security auditing or red-team work, a dedicated security scanner is the right choice; NetLens is not designed for that workflow.
Yes. The adapter dropdown lists every IPv4 interface, including VPN virtual adapters. Pick the VPN adapter and the suggested range comes from its on-link prefix.
Yes — the same NetLens.exe switches to CLI mode when you pass --range. Exit codes are explicit (0 / 1 / 2 / 3), CSV is RFC-4180 clean, HTML is self-contained. See the CLI quick reference above.
All third-party names, marks, logos and brand identifiers visible on this page — in body copy, in screenshots, in scan-result tables and in the embedded source listings — are the property of their respective owners. 3389 Software Outsourcing SRL is not affiliated with, sponsored by, endorsed by, or in partnership with any of these companies, products or services.
Vendor names visible in NetLens scan results (Cisco, Juniper, Arista, MikroTik, Ubiquiti, Hikvision, Dahua, Synology, VMware, Dell, HPE, Super Micro, Yealink, HP, Canon, Brother, Apple, Google, …) are derived from the publicly available IEEE Registration Authority OUI registry via the MAC address of each scanned host. They represent the manufacturer-of-record reported by IEEE for that address block; they do not imply any commercial relationship or compatibility claim. The screenshots on this page use synthetic data generated for product demonstration.
References to other tools, services, file formats or operating systems are made solely to describe interoperability, file-format compatibility or technical context. No competitive comparison or endorsement is implied. If you believe content on this page misrepresents your brand, please contact us and we will address it promptly.
Different protocols, custom report layout, on-prem integration, branded output, embedded use inside a larger product — we’ve done all of those. Tell us what you need.