Version 1.0.0 — Free for Windows

Your home network has
more vulnerabilities
than you think.

SentinelHome101 runs 101 security checks on your home network and computer — and explains every finding in plain English.

Download Free — Windows See what it checks →

No Python required  ·  No cloud  ·  No subscription  ·  Windows 10 / 11

101
Security Checks
0
Data Sent to Cloud
~30s
Quick Scan Time
6
Security Categories
Local
No Cloud

What it does

A full security audit.
In plain English.

Commercial security tools cost $2,000–$6,000 per year and require an IT department to operate. SentinelHome101 gives home users the same depth of audit — and explains every finding in language anyone can understand.

01
Endpoint Security
Antivirus, BitLocker, Secure Boot, Windows Defender, OS patches, user accounts, and more.
15 checks
02
Network Perimeter
WiFi security, router credentials, DNS hijacking, firewall, TLS version, and UPnP exposure.
15 checks
03
Threat Detection
Botnet behavior, ARP spoofing, rogue DHCP, ransomware canary files, and credential breaches.
11 checks
04
Device & Exposure
Every device on your network identified by manufacturer, with open ports and risk scores.
18 checks
05
Monitoring & History
Scan history, change detection, inactive device tracking, and performance baselines.
24 checks
06
Reporting
HTML, TXT, and CSV export. Plain-English remediation for every finding.
18 checks
67 / 100 NETWORK SCORE
CRITICAL BitLocker not enabled — drive data exposed if stolen
CRITICAL Telnet open on 192.168.1.47 — plain text protocol
WARNING Router may be using default credentials
WARNING UPnP active — devices can open firewall ports
PASS Windows Firewall enabled on all profiles

Features

Everything in one place.

Ransomware Canary Files
Hidden sentinel files planted in your key folders. If ransomware touches them, SentinelHome101 alerts you — often before encryption spreads.
Network Device Discovery
Every device on your network identified by IP, MAC address, and manufacturer. Open ports flagged with risk levels in plain English.
DNS Hijacking Detection
Verifies your DNS responses have not been tampered with. A hijacked DNS can silently redirect you to fake websites even when you type a real address.
ARP Spoofing Monitor
Checks your ARP table for duplicate MAC addresses — a reliable indicator of man-in-the-middle attacks on your local network.
Scan History & Change Detection
Every scan is recorded. Compare results between scans to see new devices, resolved issues, and score changes over time.
One-Click Remediation
Every finding includes a plain-English step-by-step fix — written for home users, not IT professionals. No technical background required.

Privacy

Everything stays
on your machine.

SentinelHome101 runs entirely locally. No scan results, device data, or network information is ever transmitted outside your home.

No telemetry or analytics
We do not collect usage data, crash reports, or any information about how you use the app.
No cloud storage
Scan history, device database, and settings are stored in a local SQLite file on your machine only.
Local network only
All scanning communicates only with devices on your local subnet. Nothing leaves your network.
Two opt-in external features
Internet speed test and credential breach check are disabled by default and require explicit opt-in. Both are clearly labeled.
Data destination by feature
Scan results LOCAL ONLY
Device inventory LOCAL ONLY
Security findings LOCAL ONLY
Settings & preferences LOCAL ONLY
Speed test (opt-in) SPEEDTEST.NET
Breach check (opt-in) HIBP HASH ONLY
Usage analytics NEVER

Download

Free. No account required.

One file. Double-click to run. No installer, no Python, no dependencies.

SentinelHome101.exe v1.0.0 · Windows 10/11
Windows 10 or 11 (64-bit)
No Python required
No installation wizard
Administrator rights (auto-prompted)
Download SentinelHome101.exe
Windows SmartScreen note: Windows may show an "Unknown Publisher" warning on first run. Click More info then Run anyway. This appears because the current release is not yet code-signed with a commercial certificate. A signed release is planned. Source code is publicly available on GitHub for independent review.
Security scanner note: SentinelHome101 performs active network scanning — it reads Windows security settings, runs netstat and ARP commands, and probes local network devices. This behavior may cause automated sandbox tools (ANY.RUN, Cuckoo, etc.) to flag it as suspicious. This is expected for any security audit tool. The same behavior causes Nmap, Nessus, and Wireshark to receive similar flags. The full source code is on GitHub for independent review.
SentinelHome101 is provided as-is without warranty of any kind. It is a diagnostic and reporting tool only — it does not modify your system or network configuration. Use at your own risk.

First time? Read the Installation Guide  ·  Changelog

Security & Transparency

Open by design.

SentinelHome101 is a network security audit tool. It does things that security scanners notice — and we want to be upfront about all of them.

Why security scanners may flag it
SentinelHome101 reads Windows registry settings, runs network commands (netstat, arp, ipconfig), scans your local subnet for devices, and probes open ports. Automated sandbox tools see this behavior without context and may flag it. This is the same reason Nmap, Nessus, and Wireshark receive similar flags. It is scanning your network — that is the point.
Source code is public
Every line of SentinelHome101 is available on GitHub. You do not have to take our word for what it does — you can read it, compile it yourself, or have someone you trust review it independently. Nothing is hidden.
Why it is currently unsigned
The current release does not yet have a commercial code signing certificate. This causes the Windows SmartScreen "Unknown Publisher" warning. A signed release with a verified publisher name is planned. Until then, the GitHub source code is the most transparent proof of legitimacy available.
What it does NOT do
SentinelHome101 does not modify your system, install services, make changes to your network, or transmit data outside your machine. It reads and reports — it does not act. All findings require you to take remediation steps manually.
Independent security scan
SentinelHome101 v1.0.0 was scanned by 71 independent security engines on VirusTotal. 67 of 71 returned clean. The 4 flags are heuristic detections based on PyInstaller packaging patterns — not actual malicious code. Major engines including Microsoft Defender, Kaspersky, and Bitdefender all returned clean.

View full VirusTotal report →

FAQ

Common questions.

No. SentinelHome101.exe is completely self-contained. It includes everything it needs to run. Just double-click it — no Python, no extra downloads, no setup wizard.
Several of the 101 security checks require Windows Administrator access — for example, reading Windows Security Center status, querying system information, and running network configuration commands. The UAC prompt appears every time as a result. This is intentional for a security tool.
No. All 101 checks run entirely on your local machine and network. No scan results, device information, IP addresses, or personal data are sent to any server. Two features optionally connect to external services — internet speed test and credential breach check — both are disabled by default and require explicit opt-in.
SentinelHome101 starts every scan at 100 and deducts points for security findings. Each critical finding costs 15 points. Each warning costs 5 points. A score above 80 is good. A score between 50 and 79 is fair. A score below 50 means significant issues were found that need prompt attention.
A small hidden file planted in key folders (Desktop, Documents, Downloads, Pictures). If ransomware begins encrypting your files it will modify these canary files in the process. SentinelHome101 monitors them on every scan and alerts you immediately if any are changed or deleted — often catching ransomware before it has time to encrypt your important data.
First try to identify it — check your router's connected devices list. Common unknown devices include smart TVs, streaming boxes, smart speakers, and printers. If you cannot identify a device after investigation, change your WiFi password. Any device connected without your knowledge will be disconnected when the password changes.
No. SentinelHome101 is an audit and reporting tool — it finds problems and tells you how to fix them in plain English. It does not make changes to your system or network automatically. You remain in control of every change that is made.
Running a Quick scan weekly is a good habit for most home users. Run a Standard scan monthly or any time something changes on your network — a new device is added, your router is reset, or you notice unusual behavior.
All data is stored locally on your machine in C:\Users\[YourName]\AppData\Roaming\SentinelHome101\. This includes your scan history, device database, settings, and canary files. This data never leaves your machine.
Email support@sentinelhome101.com with your Windows version, SentinelHome101 version number, and a description of the issue. We read every support request and respond as quickly as we can.