A simple Python active and passive network scanner for Linux and OSX
Simple Python script which uses pcap, arp-scan, and avahi to:
- Find hosts that are on the LAN passively
- Use an ARP ping to actively identify hosts
- Scan each host to determine open ports and services
- Store a record of hosts in a JSON file or an HTML webpage, or print it to the screen
Note: Since IP addresses change, the hosts are fingerprinted via their MAC address.
Note: On Linux it uses avahi to get hostnames, but this doesn't work on OSX.
Fing is a great and fast network scanner; I have their app on my iPad. However, with the fing command-line tool for RPi I have noticed errors in the MAC address and therefore don't trust it for this application.
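The note above about fingerprinting hosts by MAC address, as an added example (not netscan's own code): it parses sender MAC and IP out of passively observed ARP frames and merges them into a host table keyed by MAC, so a host that changes IP stays one record. The function names, the record layout (`ip`, `previous_ips`) and the sample frames are assumptions constructed for this illustration.

```python
import json
import struct

ETH_ARP = 0x0806  # EtherType for ARP

def parse_arp(frame):
    """Return (sender_mac, sender_ip) from an Ethernet+ARP frame, else None."""
    if len(frame) < 42:  # 14-byte Ethernet header + 28-byte IPv4 ARP body
        return None
    ethertype, htype, ptype, hlen, plen, _op = struct.unpack("!HHHBBH", frame[12:22])
    if (ethertype, htype, ptype, hlen, plen) != (ETH_ARP, 1, 0x0800, 6, 4):
        return None  # not ARP, or not Ethernet/IPv4 ARP
    mac = ":".join("%02x" % b for b in frame[22:28])
    ip = ".".join(str(b) for b in frame[28:32])
    return mac, ip

def update_inventory(inventory, frame):
    """Merge one observed frame into a host table keyed by MAC address."""
    seen = parse_arp(frame)
    if seen is None or seen[1] == "0.0.0.0":  # not ARP, or an address probe
        return inventory
    mac, ip = seen
    host = inventory.setdefault(mac, {"ip": ip, "previous_ips": []})
    if host["ip"] != ip:  # same MAC, new address: update, keep history
        host["previous_ips"].append(host["ip"])
        host["ip"] = ip
    return inventory

def make_arp(mac, ip):
    """Build a constructed ARP request frame (sample input, not a capture)."""
    smac = bytes.fromhex(mac.replace(":", ""))
    sip = bytes(int(x) for x in ip.split("."))
    hdr = struct.pack("!HHHBBH", ETH_ARP, 1, 0x0800, 6, 4, 1)
    return b"\xff" * 6 + smac + hdr + smac + sip + bytes(10)

def demo():
    frames = [  # constructed sample traffic
        make_arp("02:00:00:00:00:01", "192.168.1.10"),
        make_arp("02:00:00:00:00:02", "192.168.1.11"),
        make_arp("02:00:00:00:00:01", "192.168.1.23"),  # host 1 got a new lease
        bytes(60),                                       # non-ARP frame, ignored
    ]
    inventory = {}
    for frame in frames:
        update_inventory(inventory, frame)
    return inventory

if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

A MAC key survives DHCP lease changes, but a device that randomizes its MAC per network, or a host that spoofs one, will show up as a new or merged entry, so treat the key as an inventory handle rather than proof of device identity.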
brew install pcap arp-scan
sudo apt-get install libpcap-dev arp-scan
Download and unzip, then from inside the package:
sudo python setup.py install
If you are working on it:
sudo python setup.py develop
To see all run time options:
Basic, to search for addresses on your network, use:
sudo netscan -a -r 5000 -i en1
|-i||interface to listen to, e.g. en0, en1|
|-r, --range||what ports to scan (1 … n), where n in this case is 5000 (upper limit)|
The default is to display results to the screen.
Note: This has to be run as root
sudo netscan -p 1000 -j network.json -i en1
|-p, --passive||conduct passive mode, scan 1000 packets and output results|
|-j, --json||output results to a json file|
sudo netscan -a -p 1000 -w network.html -i en1
|-w, --webpage||output to a webpage named network.html|
Make HTML from a JSON file
JSON files can be hard to read (one long string); this puts them into a form that is easier to digest.
- remove arp-scan and code it directly in Python
- add the ability to feed an earlier JSON scan into the program and use WOL to bring up sleeping hosts
- better documentation
- add a verbose argument, sometimes it seems like nothing is happening
- currently not using awake, netaddr, or commands … need to fix
This is designed to work with Node.js netscan, but that is still a work in progress.