A Network Watchtower for everyone

Device Discovery

Automatically find every device on your network: phones, cameras, smart home gear, servers. Know what's connected and when something new shows up.

Community Threat Intel

Opt in to contribute anonymized telemetry to help build a shared threat network. Every Vedetta instance makes every other instance smarter. Strength in numbers.

Runs Anywhere

Deploy on a Raspberry Pi, a Windows PC, or a Mac. Docker-based Core with native sensors. Five minutes to full network visibility.

DNS Monitoring

Passive DNS analysis via libpcap and Pi-hole integration. DNSMasq and other options for advanced setups. See where your devices are calling home, catch suspicious domains, and track query patterns over time.

Core + Sensor

Core manages the dashboard, database, and intelligence. Sensors are lightweight binaries that can be deployed on each network segment with full L2 fingerprinting.

Open Source

AGPLv3 licensed. Audit the code, contribute to it, fork it, extend it. No vendor lock-in, no subscriptions. Your network data stays on your hardware.

Local monitoring that already stands on its own

• Docker-based Core with API, UI, and local storage
• Native sensor for macOS and Linux workflows
• Passive DNS capture plus active and passive device discovery
• Local DNS scoring and enrichment
• Optional Pi-hole and AdGuard Home pollers

Sharpening the alpha product

• Install and onboarding polish
• Token rotation and broader admin/dashboard auth hardening
• More durable docs and setup guidance
• Turning early connector code into testable workflows

Broader network visibility layers

• Router and firewall log aggregation
• Connectors for UniFi, OpenWRT, pfSense/OPNsense, and MikroTik
• Better correlation and multi-network handling across ARP, DHCP, mDNS, and SSDP/UPnP signals
• An optional, privacy-conscious community threat network

Who Vedetta fits today

• Homelab users
• Technical home users
• Small businesses without a full security team
• Consultants, MSPs, and security practitioners helping tiny environments

Core plus sensor is the current model

Required today: Vedetta Core and at least one native sensor. Optional today: Pi-hole, AdGuard Home, telemetry, and early connector experimentation.

Alpha, homelab-friendly, not plug-and-play

The current path uses Docker for Core and a native sensor install with elevated local access. That is honest alpha software, not a fake frictionless setup story.

Self-hosted first

The local deployment should stay useful with no cloud dependency. Telemetry is optional, off by default, and the community intelligence layer is future-facing.

Not a Pi-hole companion product

Pi-hole and AdGuard Home are useful if you already run them. Vedetta is being built to ingest useful security signals from multiple DNS and network data sources over time.

Local-first alpha means explicit boundaries

Machine-to-machine sensor auth is in place. Token rotation and broader admin/dashboard hardening are still ahead, and the current product should still be treated as LAN-first alpha software, not hardened public internet infrastructure.

Start Vedetta Core

Core runs locally with Docker Compose.

git clone https://github.com/MahdiHedhli/vedetta.git
cd vedetta
docker compose up -d

Install the native sensor

The current public installer supports macOS and Linux. Review the script before running it.

curl -fsSL -o /tmp/vedetta-sensor-install.sh \
  https://raw.githubusercontent.com/MahdiHedhli/vedetta/main/sensor/deploy/install.sh

sudo bash /tmp/vedetta-sensor-install.sh \
  --core http://<CORE_IP>:8080