A powerful security auditing add-on for Home Assistant OS with a graphical interface.
This add-on scans your Home Assistant server and ecosystem for security vulnerabilities and best practices. It provides a clear dashboard showing which areas are secure, misconfigured, or exposed.
- π Open port scanner (detects exposed or unknown ports)
- π SSL certificate check (expiration & HTTPS detection)
- π DuckDNS domain reachability and IP match
- βοΈ Cloudflare DNS record & proxy status (via optional API token)
- π‘ Mosquitto MQTT broker security validation (TLS & anonymous access)
- 𧩠Home Assistant config security parser (
configuration.yaml) - π₯οΈ SSH terminal add-on check (auth & exposure)
- π Web-based interface with multilingual support (π¬π§ English / π³π± Dutch)
- Use the language selector at the top of the dashboard to switch translations
- π Per-module logs + downloadable full report
- Python 3.11
- Flask (backend)
- HTML/JS frontend
- Docker (Supervisor compatible)
- HA CLI integration (
ha addons info)
- Home Assistant OS (Supervisor access required)
- Network access (
host) + privileges (NET_ADMIN) - Optional: Cloudflare API token
Edit config.json or the add-on options in Home Assistant:
cloudflare_api_tokenβ API token for checking Cloudflare protection.cloudflare_domainβ Domain served via Cloudflare to verify and use for SSL checks.duckdns_domainβ DuckDNS hostname to verify against your public IP.config_pathβ Path toconfiguration.yamlfor security parsing.
Use this tool to secure your smart home before attackers try to.
Use pytest to run the test suite:
pytestIf the Docker build fails while installing Python packages, ensure build
dependencies are present. The Dockerfile now installs gcc, musl-dev,
python3-dev, and libffi-dev before running pip3 install.