picosnitch Icon

picosnitch helps protect your security and privacy by "snitching" on anything that connects to the internet, letting you know when, how much data was transferred, and to where. It uses BPF to monitor network traffic per application, and per parent to cover those that just call others. It also hashes every executable, and will complain if some mischievous program is giving it trouble.

Open Source

picosnitch Source Code




Monitor Network Traffic Per Executable, Beautifully Visualized







15 Jul 20

Last Updated

21 Jun 24

Latest version


Primary Language



4,592 KB







Language Usage

Language Usage

Star History

Star History

Top Contributors

Recent Commits

  • eric (02 Jan 24)

    version 1.0.3

  • eric (24 Dec 23)

    add doas support https://github.com/elesiuta/picosnitch/issues/37

  • eric (14 Dec 23)

    fix sock_sendmsg kprobe not attaching for kernel 6.6 https://github.com/elesiuta/picosnitch/issues/35 use inet_ and inet6_ instead of sock_ for sendmsg and recvmsg

  • eric (13 Dec 23)

    fallback if it fails to find a home user, will probably fix builds on launchpad for 23.10 and later

  • eric (13 Dec 23)

    version 1.0.2

  • eric (13 Dec 23)

    organize imports

  • eric (19 Nov 23)

    update readme

  • eric (31 Oct 23)

    update callgraph

  • eric (31 Oct 23)

    log name of dead processes on restart

  • eric (31 Oct 23)

    don't need to toast fallback success messages

  • eric (31 Oct 23)

    fix cmdline cache using old values for new pids https://github.com/elesiuta/picosnitch/issues/32

  • eric (23 Oct 23)

    version 1.0.1

  • eric (23 Oct 23)

    better help for debugging, closes https://github.com/elesiuta/picosnitch/issues/30

  • eric (21 Sept 23)

    fix option to override st_dev_mask

  • eric (21 Sept 23)

    version 1.0.0

  • eric (21 Sept 23)

    add option to override st_dev_mask

  • eric (20 Sept 23)

    add option to not log ports

  • eric (20 Sept 23)

    don't refresh time offset on tab/filter changes in tui

  • eric (20 Sept 23)

    add filter exclude to tui

  • eric (18 Aug 23)

    version 0.14.1

  • eric (18 Aug 23)

    go back to using classic confinement for snap Required plugs for this to work do not currently exist in snapd. I'll leave this here for now in case they are added in the future or if anyone wants to build their own snap with classic confinement. Only a few of the plugs this commit removes were actually required. I don't think there are any other currently existing plugs that are required for this to work.

  • eric (17 Aug 23)

    fix ui if query results are ready early regression from adding local port/addr and removing connection count

  • eric (17 Aug 23)

    don't remember previous cursor location on removing filter more responsive ui (with threading) breaks this since the cursor resets to the first row as the entries load

  • eric (17 Aug 23)

    use stack to apply multiple filters in ui

  • eric (17 Aug 23)

    refactor primary and secondary tab names and indices in ui this was an artifact from a much earlier version where not all columns were filterable

  • eric (11 Aug 23)

    update readme

  • eric (10 Aug 23)

    update readme

  • eric (10 Aug 23)

    update readme

  • eric (09 Aug 23)

    fix dependencies for openSUSE (version 0.14.0-2)

  • eric (09 Aug 23)

    version 0.14.0

picosnitch Website


picosnitch | Monitor Network Traffic Per Executable, Beautifully Visualized

Monitor Network Traffic Per Executable, Beautifully Visualized


Redirects to https://elesiuta.github.io/picosnitch/

Security Checks

1 security checks failed (65 passed)

  • Risky Category Detected

Server Details

  • IP Address
  • Hostname cdn-185-199-110-153.github.com
  • Location California, Pennsylvania, United States of America, NA
  • ISP GitHub Inc.
  • ASN AS54113


Some proxies may block this service, as it falls into the following categories

  • Free Hosting

Associated Countries

  • US

Saftey Score

Website marked as moderately safe


Blacklist Check

elesiuta.github.io was found on 0 blacklists

  • ThreatLog
  • OpenPhish
  • PhishTank
  • Phishing.Database
  • PhishStats
  • URLhaus
  • RPiList Not Serious
  • AntiSocial Blacklist
  • PhishFeed
  • NABP Not Recommended Sites
  • Spam404
  • CRDF
  • Artists Against 419
  • CERT Polska
  • PetScams
  • Suspicious Hosting IP
  • Phishunt
  • CoinBlockerLists
  • MetaMask EthPhishing
  • EtherScamDB
  • EtherAddressLookup
  • ViriBack C2 Tracker
  • Bambenek Consulting
  • Badbitcoin
  • SecureReload Phishing List
  • Fake Website Buster
  • TweetFeed
  • CryptoScamDB
  • StopGunScams
  • ThreatFox
  • PhishFort

Website Preview

picosnitch Reviews

More Intrusion Detection

About the Data: picosnitch


You can access picosnitch's data programmatically via our API. Simply make a GET request to:


The REST API is free, no-auth and CORS-enabled. To learn more, view the Swagger Docs or read the API Usage Guide.

About the Data

Beyond the user-submitted YAML you see above, we also augment each listing with additional data dynamically fetched from several sources. To learn more about where the rest of data included in this page comes from, and how it is computed, see the About the Data section of our About page.

Share picosnitch

Help your friends compare Intrusion Detection, and pick privacy-respecting software and services.
Share picosnitch and Awesome Privacy with your network!

View Intrusion Detection (5)