I built NetHtop++, a network inspection tool for Linux/macOS that goes far beyond netstat or ss. It’s like htop but for sockets — with extra powers.
From a single terminal screen, you can:
• See all live sockets and ghost connections (phantom listeners, zombie ports)
• r to resolve hosts
• x to close sockets
• p to kill by PID
• t to capture
• c to switch interface
• o to view ghost sockets
• d to dump
• e to export
• q to quit
Dive deeper into ghost socket inspection and you’ll find:
• f to add a pf rule (firewall integration coming for iptables, ufw, etc.)
• s snapshot
• h hard kill
• r restart
• o close ghost
• d dump socket
The goal is to make this your go-to weapon when debugging strange network behavior, malware implants, ghost listeners, or when you just want full control of the stack.
I’m actively adding more features — including kernel-space tracing, flow tracking, and in-memory socket inspection.
m4y0u•2h ago
I built NetHtop++, a network inspection tool for Linux/macOS that goes far beyond netstat or ss. It’s like htop but for sockets — with extra powers.
From a single terminal screen, you can: • See all live sockets and ghost connections (phantom listeners, zombie ports) • r to resolve hosts • x to close sockets • p to kill by PID • t to capture • c to switch interface • o to view ghost sockets • d to dump • e to export • q to quit
Dive deeper into ghost socket inspection and you’ll find: • f to add a pf rule (firewall integration coming for iptables, ufw, etc.) • s snapshot • h hard kill • r restart • o close ghost • d dump socket
The goal is to make this your go-to weapon when debugging strange network behavior, malware implants, ghost listeners, or when you just want full control of the stack.
I’m actively adding more features — including kernel-space tracing, flow tracking, and in-memory socket inspection.
GitHub: https://github.com/m10ust/nethtop
Feedback, ideas, and wild use cases welcome!