NetworkToolbox FAQ

Please find below some of frequent questions I have been asked.

If there is something missing, just let me know.

How can I clear the results

The results history can be maintained in the settings section of the app under “security“.

Here, you can either Clear the result history, change the number of entries that should be kept in the history list or you can enter a value of zero, which means that no results should be stored at all.

Where are the How-To’s?

Quick answer: “In the Resources Menu of the app

The Resources Menu (center tabbar icon) in the app is the place, where you can find “How-To’s”, Demo Videos, and many samples. So this is probably the best place to go, if you want to quickly learn how to use the app, what features are available and how to use them.

Where is the manual?

Quick answer: just tap the (i) button in the top right corner

The Resources Menu (center tabbar icon) in the app is the place, where you can find “How-To’s”, Demo Videos, and many samples. So this is probably the best place to go, if you want to quickly learn how to use the app, what features are available and how to use them.

What is the meaning of the strange […] button?

This button will be displayed, whenever further actions (scans) can be performed with any entry of a list or scan result. That’s usually the case with IP addresses or domain names. Once you press this button, you will see a list of possible options. At the beginning of the list you can select whether you want to copy, bookmark or E-Mail that address or domain. Further below you will find all available tools from “Domain Infos” to “Trace route”. Once you select one of these entries, the particular tool will be called and will perform this particular action on an IP address or domain name.

Please note: Some entries in that list are highlighted and scrolled into focus. All those entries “would make most sense” for the selected address or domain.

This way, you can jump easily from one tool to another based on the results of a previous tool without the necessity to re-enter an address.

For instance, you can use the Device tool to identify your local network gateway. From here, you can perform a network scan. On the results of that network scan, you can perform a port scan. On those results you can then select for instance port 80 (which is the default port for HTTP) and open the Browser tool on that port for that particular IP address.

How to do a simple network scan?

There are a couple of ways for doing this. In all cases, the “Network scan” is the tool you have to use but you can start that tool in several different ways.

Given, you want to scan your current local network, you can for instance, directly start the “Network scan” tool and press the ≡ button next to the IP address field and select “Local IP”. The correct local IP address will be filled in and the “IP to” field will be adjusted accordingly.

Alternatively you can begin with the Device tool, Select Network, select the […] button on “Gateway” and then choose “Scan Network”. This way, you also don’t have to recall or enter the local IP address range as it will automatically be passed to the Network scan tool.

The same works for any other address that is being displayed by either tool. Just press the […] button and select “Network scan” and the whole IP range (1-254) will be scanned.

I have no idea where to start

Of course, that depends on what you want to do.

Given you want to analyze and understand your local network:


1. Start the Device tool
2. Select Network
Here you can see the IP addresses of your local network.


3. Select the […] button on “Gateway”
4. Select “Scan network”

Your current local network will be scanned from the first until the last IP address. Once the scan is completed, you will see a list of IP addresses that are “listening” on your network.

In that list, you can see all IP addresses with their associated network names.


5a.) Tap on an entry to see more information for the particular device. Information such as vendor name, MAC address etc will be displayed.

5b.) Tap on the […] button to perform further scans on each particular device.

For instance, tap on the […] button on the first entry which is most likely your default gateway (= your network router).

6.) Select “scan ports”. You will get another list. This list contains all ports of your router that are “open”

For instance, you will likely see port 80 being open on your router which is the configuration website of the router.

But remember that if you are scanning using wi-fi from INSIDE your network, you will see totally different results to those you would get by scanning from OUTSIDE the network. By scanning the router using wi-fi from inside your network, you are probing the ports of the internal network interface card, and you will find many ports open, exactly as it should be; this will tell you very little about the security of your network. The real concern is any ports open to EXTERNAL entry. For that, you must test using cellular, with wi-fi switched off, if you are inside your network. Alternatively, you can use wi-fi to test your router from its public facing side but only if you are on a network with a different public IP address.


7.) Press the […] button on that port 80 entry and select “Http connect” which will open the internal web browser and show you the configuration interface of your browser.

8.) Depending on the router, you might be asked to provide a password either immediate or on a login page.

8a.) If a login page appears, press the “Login” button (top left corner) to show the default password list. (If there is no login screen, this default password list likely appears automatically)

8b.) From here you can try all default passwords in that list one after the other. If you are kicked out (e.g. after too many attempts, just connect again. The list remembers all already tried passwords and will strike them through).

Several routers have hidden or official default passwords. By this test, you can check whether such a default password exists on your router.

9.) Even if you are logged in or not, you can perform further security tests from here. For this just tap the “Test” button at the top. From here you can select one test after the other in a similar way as the previously described default password test.

This test will add certain, sometimes unusual parameters to the link address of the website. Some routers (or websites) will reveal secret information once such a parameter has been used.
Please note: the default password list and the tests will be updated from time to time via data update.


Where to go from here:

In the same way, you can scan the ports of every single device on your network and try to connect to every single open port by any appropriate protocol (HTTP, FTP etc.).

In the list that appears after tapping on […] all “appropriate” tools are highlighted in blue.

If you have no idea, which tool or protocol to use, you can start with the “HTTP Header” tool and the “Socket” tool.

The HTTP Header tool will tell you, if there is a HTTP server listening on a particular port.

The Socket tool will show you everything which is being responded on a particular port once you connect to it.

Depending on what you see by using these tools, you can then try other tools such as the HTTP Connect tool, FTP, SFTP etc.


Not all devices will respond to a network scan. There might also be virtual devices or devices with no IP address at all.

To identify such devices, you can use the Bonjour and Bluetooth tools. Those tools will likely reveal other devices around you or connected to your network.

The scan results of those tools can be used in a similar way as described above.

You can find further information inside those tools by tapping the (i) info button.

Why do I have to enter IP addresses? I don’t know what to enter

Some tools ask for an address, others are asking explicitly for an IP address. Whenever just an address is entered, you can either enter a host name such as or alternatively the IP address of which is

If you want to perform scans on your local network or the public IP address (this is the address which is being used to connect your device to the internet), you can better start your scan by using the “Device” tool.

In the “Device” tool, you can tap on “Network” and will see all IP addresses that are currently associated with your devices such as the local IP addresses (e.g. for your home network if you are connected to it), the public IP address and the Cell IP address if your device is connected via a cell/mobile (GPRS/Edge/3G/UMTS/LTE/4G) network.

Just select the desired network you want to scan and press the […] button which allows you to select the tool which should be used on that particular IP address.

How can I test WiFi security or how to crack WEP or WPA passwords?

Apple has restricted access to the WiFi network device for developers. This is good as it increases the security of your iPhone/iPad as no app can intercept any network connection from any other app or perform unwanted network activities.

However, that means that there is no way (not for any developer) to retrieve more WiFi network information other than WiFi IP address, SSID and BSSID etc. which will all be displayed in the Device tool.

For this reason, there is no way to perform WiFi security tests or test or even crack WEP or WPA passwords.

You may say “wait a minute, I know one app that can even show the signal strength of WiFi signals but your app doesn’t provide that information”.

That’s true but those few apps were released before Apple increased their security policy. For this reasons, those apps are still available on the app store but can no longer be updated. Once the developer updates such an app, it will be rejected by Apple.

Rest assured that I always try to gather and show as much information as possible (sometimes even more which has sometimes been subject of discussions with Apple whether or not it is against their guidelines).

Why does NMAP on my PC show more devices than your app?

Similar to the WiFi device (see ” How can I test WiFi security or how to crack WEP or WPA passwords”) Apple has restricted access to the so called network socket. For instance “raw access” is not possible but necessary for certain scans, packet filtering or spoofing mechanism.

Again, this is good as this increases our security but means that certain tests can not be performed. NMAP offers such additional tests and thus may find more devices that are using certain protection mechanisms.

However, the scanning level of this app is good enough to find most of the devices and ports that are relevant for your network security. If a device or port can not be found by the app it usually means it already uses some kind of extra protection and thus, it is already more secure than average.

However, as I used to say: “Don’t trust the evil” and so, never trust your network even if no device or port can be found. Not even by NMAP.

What is the purpose of the “Recent” list at the bottom of most tools?

The “recent” list as it appears most of the time under the search options will re-call recent scan results. It can be seen as some king of history of your scans. With every scan, the results are stored on your device so they can be accessed this way without the necessity to perform another scan.

Each new scan will be added at the top of this recent list.

The number of “recent entries” is limited but can be extended in the settings of the app. They can even be disabled if you don’t want the app to keep the scan results.

To change the size of the recent list or disable it, go to settings of the app then select Security. If you enter 0 (zero) for History List size then, no history will me maintained and the recent lists will remain empty all the time. All other values represent the number of entries you will like to keep in the recent list.

Why do I have to press next on the keyboard until the last entry field?

This is not really necessary. The “Next” key on the Keypad is only meant for advancing to the next entry field for your convenience. If you are finished, you can just tap anywhere on the screen and the keyboard dismisses and then, you can tap on “scan” etc.

Why does the network scan doesn’t find all my devices?

This can have several reasons.

Some devices can not be found by iOS apps due to restrictions of Apple (see Why does NMAP on my PC show more devices than your app).

Does Morpheus also have a website like SHODAN does?

No. I have developed Morpheus solely for this app. It is running on several servers around the world and scanning the whole internet and gathering device information 24 hrs / 7 days. Another server communicates between those servers and the app.

The app fing provides more information than your app

At a first glance it might look so. But fing only performs certain scans at once and offers all information in one step. It even adds some assumptions which are not always correct and may lead to misinterpretations which – from my point of view – may result in wrong assumptions about network security.

I think it is important to know whether a device was found by using a network, bonjour or Bluetooth scan (whereas the latter one is not available in fing). Depending on the outcome of those scans, you will need to take different actions in case of security issues.

My app also provides various tools that can be used on certain scanning results which is not possible with fing. This is also, why the results are displayed in a different way.

Your app crashes

Sorry for that. This should not happen. I usually test my apps on about 10 different test devices I own (from iPod touch to some iPhones 3GS,4 and some 4s and 5ses and some iPads with various iOSes) and in addition there are several Beta testers (thank you!) who are testing all major releases.

However, there are still chances that an issue has not yet been identified. Especially due to the complexity and size of this app.

Anyway, if you experience a crash, please first check if you have:

1.) the latest app update (go to settings and press on “Check for app update”
2.) the latest data update (go to settings and press on “Check for data update”

If the problem persists, please let me know, ideally using the “Support / Feature request” button in the settings screen.

How can I embed NetworkToolbox in other apps

It is possible to embed (start) NetworkToolbox in other apps by using the so called URL Scheme. This is described in detail here or here.

I like to use my favourite app from inside NetworkToolbox, is this possible?

It is possible to embed (start) other apps from inside NetworkToolbox (or vice versa) by using the so called URL Scheme. This is described in detail here or here.