le is the terminal version of Localhost Explorer: the same process intelligence, in a single static binary that runs on macOS and on Linux servers over SSH. As of today it's open source under MIT. The code is at github.com/alikatgh/le-cli, and the install is one line:
brew install alikatgh/tap/le
Run le and you get a live table of everything listening on localhost — port, process, working folder, risk, owner, and the stop command that will actually work:
PORT PID WHAT DIR RISK OWNER STOP WITH
3000 38814 juice-shop ~/code/juice-shop medium container docker stop juice-shop
8001 43138 Django dev server ~/code/api low terminal TERM
27017 1183 MongoDB /opt/homebrew/var high homebrew brew services stop mongodb-community
Why open source, when the app costs $5
Because of what the tool does. le has exactly one irreversible action — sending a kill signal to a process on your machine — and a tool like that should let you read the code that decides when it's safe. The PID-recycle guard, the "refuse rather than guess" rules, the Docker and Homebrew re-checks: they're all in the repo, tested, and short enough to audit in an afternoon. The menu-bar app stays paid; it funds the work. The CLI is where you can check that the work is real.
Made for the terminal you already live in
Inside the TUI: / filters by port, name, or folder; 1–6 sort by any column, including the working directory, so everything one project spun up clusters together. Press o and the selected port opens in your browser. Press c and the row's stop command lands on your clipboard — via OSC 52, the terminal's own escape-sequence clipboard, which means the copy reaches your machine even when le is running on a box you SSH'd into.
Outside the TUI, everything scripts:
le list node --json # structured output for jq
le stop --dir . -n # preview: what would an end-of-day sweep kill?
le stop --dir . # ...do it
le stop 3000 --json # per-listener results, machine-readable
le ready 5432 -t 30s || exit 1 # CI: wait for the DB, bounded
le hold 3000 # keep a port occupied while you debug
--dir matches by working directory, so a monorepo's api, web, and worker die together. The dry-run flag exists because a bulk kill you can't preview is a bulk kill you won't trust.
The parts you can't see in a screenshot
The engine underneath is the one described in the engineering post: every stop re-verifies the PID's start time first, so a recycled PID never gets the signal meant for something else, and when identity can't be confirmed it refuses instead of guessing. The ps/lsof parsers run under LC_ALL=C and are fuzzed nightly in CI.
The repo also carries its own paper trail. The CLI went through three adversarial review rounds that found eighteen real bugs — several in versions we had already shipped — and the full reports live in docs/audits/, refuted candidates included. Release tarballs are checksummed and carry a signed build-provenance attestation you can verify before trusting a binary:
gh attestation verify le_*.tar.gz --repo alikatgh/le-cli
Take it apart
MIT means it's yours to read, fork, and ship inside whatever you're building. Issues and PRs are open; CONTRIBUTING.md lists the exact commands CI runs, and the test suite covers the code most tools this size never test — the kill path. If you find the bug our review rounds missed, the bar for the fix is already set: a regression test in the same commit.
Get the code.
MIT-licensed. macOS and Linux. brew install alikatgh/tap/le