Find web interfaces
across your network

Stop bookmarking admin pages, docs sites, and test builds across your network. Web Finder discovers every web service on your Tailscale peers and local network, one click away. Fully free and open source.

macOS + Linux - menubar app + CLI

iOS - iPhone + iPad app

Menubar App

iPhone App

Web Finder iOS showing discovered web interfaces

CLI Output

web-finder

$ web-finder

Local:

● cen800 http://127.0.0.1:8000

● Web Finder http://127.0.0.1:8001

Tailscale:

● kvm-c225 NanoKVM https://100.67.214.102:443

● openclaw Home - Robot Docs http://100.81.195.18:8000

● storage storage - Synology NAS https://100.106.137.64:5001

● workstation Home - Robot Docs http://100.101.214.44:8002

Install

One command installs everything for your platform.

iOS

iPhone app - available on the App Store (free, open source)

Download from the App Store
Create a Tailscale OAuth client with Devices: Read
Paste Client ID and Secret into the app

macOS + Linux

Menubar app + CLI on macOS, CLI on Linux

curl -sSL https://raw.githubusercontent.com/zeulewan/web-finder/main/install.sh | bash

Clones repo to ~/.web-finder
On macOS: downloads & installs WebFinder.app
On Linux: installs Node.js LTS if needed
Adds web-finder CLI to PATH

To uninstall:

curl -sSL https://raw.githubusercontent.com/zeulewan/web-finder/main/uninstall.sh | bash

What it scans

Automatically detects web interfaces across common ports.

🌐

Tailscale + local

Scans every online Tailscale peer and your local machine in parallel.

🔍

Smart detection

Probes 30+ common ports, fetches page titles, and deduplicates HTTP/HTTPS pairs.

📋

Agent-friendly CLI

JSON output mode lets AI agents and scripts query your network programmatically.

CLI usage

Works great standalone or piped into scripts and AI agents.

web-finder Full scan - local + all Tailscale peers

web-finder --local Scan local machine only

web-finder --tailscale Scan Tailscale peers only

web-finder --all Include non-web ports (AirPlay, SSH, etc.)

web-finder --json Machine-readable JSON output

web-finder --local --json Local only, JSON - great for agents

web-finder --update Pull latest CLI (and app on macOS)

web-finder --version Show installed version and commit

FAQ

Common questions about Web Finder.

Is Web Finder free?

Yes, completely. There are no in-app purchases, subscriptions, or ads. The app is open source under the MIT License and available on GitHub.

Do I need a paid Tailscale account?

No. Web Finder works with free personal Tailscale accounts. You just need to create an OAuth client with the Devices: Read scope, which is available to all Tailscale users.

Does it work without Tailscale?

Yes, on macOS and Linux. Use web-finder --local on the CLI or the macOS menubar app to discover web services running on your machine. Tailscale is only needed for scanning remote peers. Local-only scanning on iOS is not yet available but is planned for a future update.

What ports does Web Finder scan?

It scans 30+ common web ports including 80, 443, 3000-3001, 4000-4001, 5000-5001, 6006, 7860, 8000-8005, 8080-8082, 8443, 8888, 9000-9001, 9090, and 9443. Use --all to also include non-web ports like SSH and AirPlay.

Is my data sent to any servers?

No. OAuth credentials are stored locally on your device. The app only connects to api.tailscale.com to fetch your device list using your own credentials. There is no analytics, tracking, or telemetry of any kind.

What is an OAuth client and how do I create one?

An OAuth client lets Web Finder read your Tailscale device list. Go to the Tailscale admin console, create a new OAuth client, select the Devices: Read scope, and copy the Client ID and Secret into the app. It takes about 30 seconds and only needs to be done once.

Which platforms are supported?

iOS (iPhone and iPad), macOS (native menubar app + CLI), and Linux (CLI). The macOS and Linux CLI are installed with a single shell command and work identically on both platforms.

Find web interfacesacross your network