ZPK Network Security Analyzer
See what your network is really doing. No complexity, no cloud, no subscriptions.
$29 one-time · Ready to run · GPL-2.0 · Source included · Sold as-is · No support
What You Get
Everything runs locally on your machine. No cloud, no accounts, no data leaves your PC.
23 Detection Rules
Port scans, SYN floods, DNS tunneling, ARP spoofing, beaconing, packet loss, cleartext credentials, and more. All automated.
GeoIP & ASN Enrichment
See who owns every IP your machine talks to, and where they are. Interactive HTML world map included.
Local AI Analysis
Optional AI-powered assessment via Ollama. Runs on your GPU, never sends data to the cloud. Plain-English security report.
PDF & Export Reports
Generate professional PDF reports, or export to CSV, JSON, Markdown. Ready for client deliverables or your own records.
Process Correlation
Know which application is making each connection. Chrome, Slack, svchost, or something suspicious? ZPK tells you.
Slack & Email Alerts
Get notified instantly when critical findings are detected. Configure Slack webhooks or email alerts in seconds.
Interactive Menu
No commands to memorize. The interactive menu walks you through scanning, viewing results, and exporting. Beginner-friendly.
Standalone EXE
Single EXE file, no Python setup, no bundled runtime. Run it on any Windows machine, then install Npcap from within the app.
Trend Analysis
Compare captures over time. See if your network is getting noisier, if new hosts appear, or if threats are increasing.
Metadata Only, No Payloads
ZPK analyzes connection metadata (IPs, ports, protocols, timing) — not packet contents. No passwords, no file data, no message bodies are captured. For deep packet inspection, use Wireshark.
How It Works
$ step 1: Download & Run
Download zpk.exe, right-click, Run as Administrator. No installation wizard, no Python, no setup. Just one file.
$ step 2: One-Time Setup (2 minutes)
From the menu, go to Setup & Tools and install Npcap (free packet capture driver) and download the GeoIP database. Both are guided — just follow the prompts. You only do this once.
$ step 3: Scan Your Network
Hit Quick Scan in the menu. ZPK captures 30 seconds of live traffic, identifies every connection, resolves IPs to organizations and countries, and runs 23 detection rules automatically.
$ step 4: Review Findings
Color-coded results tell you exactly what needs attention: CRITICAL threats, SUSPICIOUS activity, WATCH items, and INFO noise. Each finding includes the IP, organization, country, and recommended action.
$ step 5: Explore & Export
View connections on an interactive world map, export a PDF report for your records or clients, set up Slack or email alerts for automatic notifications, or compare sessions over time with trend analysis.
$ optional: AI-Powered Analysis
Install Ollama (free, one download) and pull the qwen3:8b model. ZPK feeds your session data to the local AI and gets a plain-English security assessment — no cloud, no API keys, everything stays on your machine. Requires a GPU with 8+ GB VRAM.
Requirements
- OS: Windows 10 or 11
- Privileges: Run as Administrator
- Npcap: Free, installs from the app
- AI (optional): Ollama + 8GB VRAM
Ready to see what's on your network?
About
ZPK Network Security Analyzer is a solo project. I built it because I wanted a simple way to see what my Windows machines were doing on the network without spinning up Wireshark or learning tcpdump flags every time. The existing tools are either too complex for quick checks or too expensive for personal use.
This is my first packaged application. The $29 covers the time and AI costs that went into building it. The source code is included because Scapy (the packet capture library) is GPL-2.0, and I believe in keeping it that way. If you find a bug, the source is right there.
One person, one tool, no support team, no roadmap. Just another short story. If it's useful to you, great.