npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@hipaaagent/network-scanner

v2.0.0

Published

HIPAA Agent Network Scanner — Local agent for internal network security assessment. 14-phase scan covering encryption, MFA, segmentation, asset inventory, medical devices, and more.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

hipaaagenthipaaagent

Keywords

hipaasecuritynetwork-scannerhealthcarecompliancemedicalphinistauditinternal-scan

Readme

HIPAA Agent — Network Scanner v2.0

Local network security assessment agent for HIPAA compliance. Updated for May 2026 HIPAA Security Rule requirements.

Quick Start

npm install -g @hipaaagent/network-scanner
hipaa-scan register --api-key YOUR_KEY
hipaa-scan scan

12-Phase Scan

| Phase | Name | Description | |-------|------|-------------| | 1 | Network Discovery | Detects local IPs and target subnets | | 2 | Host Discovery | Multi-port TCP (80, 443, 22, 445, 3389) + ARP fallback | | 3 | Port Scanning | 30 HIPAA-critical ports scanned per host | | 4 | SSL Certificate Audit | Expiry, self-signed, chain validation | | 5 | Medical Device Detection | DICOM (4104) and HL7 (2575) protocol identification | | 6 | Encryption at Rest | BitLocker, FileVault, LUKS verification | | 7 | MFA Detection | SSH key auth, RDP NLA, web-based 2FA keywords | | 8 | Asset Inventory | Device classification by port fingerprint + OS detection | | 9 | Network Segmentation | Subnet analysis, medical device isolation check | | 10 | Patch & EOL Detection | Version banner matching against EOL database | | 11 | Backup Detection | rsync, iSCSI, Synology, Veeam, Acronis, Webmin | | 12 | ePHI Flow Mapping | Data flow analysis: medical → database → web → remote |

Phases 4–12 are skipped when using --quick.

Requirements

  • Node.js 18+
  • Network access to target subnet
  • API key from your HIPAA Agent portal

Commands

# Register agent with your account
hipaa-scan register --api-key YOUR_KEY

# Run full 12-phase scan
hipaa-scan scan

# Scan specific subnet
hipaa-scan scan --target 192.168.1.0/24

# Quick port scan only (phases 1-3)
hipaa-scan scan --quick

# Check registration status
hipaa-scan status

# Show help
hipaa-scan help

Results

Scan results automatically upload to your HIPAA Agent account and are delivered to your inbox. If offline, results save to ~/.hipaa-agent/scans/ and upload on next connection.

HIPAA-Critical Ports (30)

| Port | Service | Risk Level | |------|---------|------------| | 23 | Telnet | CRITICAL — Unencrypted remote access | | 4104 | DICOM | CRITICAL — Medical imaging, PHI exposure | | 2575 | HL7 | CRITICAL — Health messaging, PHI | | 5900 | VNC | CRITICAL — Often unencrypted | | 6667 | IRC | CRITICAL — Should not exist on healthcare network | | 3389 | RDP | HIGH — Brute-force target | | 445 | SMB | HIGH — File sharing, ransomware vector | | 161 | SNMP | HIGH — Community string exposure | | 27017 | MongoDB | HIGH — Often misconfigured auth | | 3306 | MySQL | HIGH — Database access | | 1433 | MSSQL | HIGH — Database access | | 1521 | Oracle | HIGH — Database access | | 5432 | PostgreSQL | HIGH — Database access | | 80 | HTTP | MEDIUM — Unencrypted web | | 8080 | HTTP Alt | MEDIUM — May be admin panel | | 5000 | Synology HTTP | MEDIUM — NAS management | | 10000 | Webmin | MEDIUM — Admin panel | | 22 | SSH | INFO — Remote access | | 25 | SMTP | INFO — Email server | | 443 | HTTPS | INFO — Web server | | 8443 | HTTPS Alt | INFO — Web application | | 515 | LPD | INFO — Printer | | 873 | rsync | INFO — Backup service | | 3260 | iSCSI | INFO — Storage/backup | | 5001 | Synology HTTPS | INFO — NAS management | | 9100 | RAW Print | INFO — Printer | | 9392 | Veeam | INFO — Backup console | | 9393 | Veeam HTTPS | INFO — Backup console | | 9876 | Acronis | INFO — Backup | | 9877 | Acronis HTTPS | INFO — Backup |

May 2026 HIPAA Security Rule Coverage

The scanner verifies 7 of 13 May 2026 requirements directly:

  1. Encryption at rest — §164.312(a)(2)(iv)
  2. Multi-factor authentication — §164.312(d)
  3. Asset inventory & classification — §164.310(d)(1)
  4. Network segmentation — §164.312(a)(1)
  5. Patch management & EOL — §164.308(a)(5)(ii)(B)
  6. Backup & 72-hour restore — §164.308(a)(7)(ii)(A)
  7. ePHI data flow mapping — §164.312(e)(1)

Remaining 6 requirements are verified through external scan, SRA, policies, training, and BAA management.

Privacy

  • All scans are performed locally on YOUR network
  • Only scan results are uploaded (no raw network traffic)
  • Data encrypted in transit via HTTPS
  • You control what networks are scanned

Support

  • Portal: https://hipaaagent.ai/portal/network-agent
  • Documentation: https://hipaaagent.ai/docs/network-scanner
  • Email: [email protected]