PERSONAL NETWORK SECURITY

PocketPorts

Know what’s exposed. From your phone.

PocketPorts is a personal network security scanner for individuals and small teams. Verify your domains, audit your home network’s public exposure, and get notified when something changes — all from an iOS app you trust.

Get the App See How It Works
WHY POCKETPORTS

Three things that set it apart

Ownership-verified scanning

DNS proof gates every scan, so you only see results for assets you actually control. Same model used by Let’s Encrypt, AWS Certificate Manager, and Google Search Console.

Continuous monitoring

Opt into push notifications when a new port opens or an unexpected service appears. Set the cadence per host and stay ahead of drift.

Privacy-first

Your scan data lives in your tenant only. No data sharing, no third-party tracking, redaction-by-default banners. We can’t see your results — and we don’t want to.

FROM YOUR POCKET

Built for the way you actually triage

Verify ownership, run a scan, and review findings — all in a few taps.

Home
(screenshot pending)
Scan Results
(screenshot pending)
Findings
(screenshot pending)
PRICING

Start free. Grow when you need to.

Every tier is ownership-gated. No add-ons, no per-seat fees, cancel anytime.

Free

Free

$0
forever
  • 1 host
  • 1 scan per day
  • Fixed 12 ports only
  • Manual scans only
  • Basic exposure score

Best for trying PocketPorts on a single domain.

Starter

Starter

$2.99$29.99
per monthper year · $2.50/mo equiv.
  • 5 monitored assets
  • 3 scans per day
  • Curated expanded port list
  • Exposure change alerts

Personal sites and a home network.

Most popular

Pro

$5.99$59.99
per monthper year · $5.00/mo equiv.
  • 25 monitored assets
  • 20 scans per day
  • Up to 50 ports per scan
  • Arbitrary custom TCP ports
  • Banner grabbing + service fingerprinting
  • CVE matching + history timeline

Indie operators and security-curious individuals.

MSP

MSP

$12.99$129.99
per monthper year · $10.83/mo equiv.
  • 100 monitored assets
  • 100 scans per day
  • Up to 100 ports per scan
  • Multi-network monitoring
  • Asset grouping + priority alerts
  • Stronger audit history

Small teams managing multiple environments.

FAQ

The questions everyone asks

Is it legal?

PocketPorts only scans assets you’ve proven you control via DNS TXT verification. You attest at sign-up that you own or have authorization to test each asset. We follow the same ownership-gated model as Let’s Encrypt, AWS Certificate Manager, and Google Search Console.

What does verification require?

A single DNS TXT record at _pocketports.<your-domain> containing the verification token shown in the app. Once published, PocketPorts checks DNS via Google DoH and Cloudflare DoH to confirm.

Does it work behind CGNAT?

No. CGNAT users (mobile carriers, satellite ISPs) share their public IP with thousands of others, so we can’t verifiably attribute it to any single user. We refuse to verify CGNAT addresses to prevent inadvertent scanning of carrier infrastructure.

Can I scan IP ranges?

No. PocketPorts is a personal-use tool, not an enterprise scanner. We deliberately don’t support arbitrary IP-range scanning to avoid the legal exposure of scanning addresses you don’t fully own. For internal-network scanning, an in-network agent is on the roadmap.

How does it differ from Shodan or Censys?

Shodan and Censys scan the entire internet themselves and let users query results — they’re public reconnaissance databases. PocketPorts is the inverse: you initiate scans against verified assets you own, and we never store data about hosts you don’t own.

More on data handling in the PocketPorts Privacy Policy.

Ready to see what’s exposed?

PocketPorts is launching on the App Store. Sign up free, verify a domain, run your first scan in under five minutes.

Get the App Privacy Policy