While I am still completing Google Cybersecurity certificate, This repo will have more update in the future. I jsut fork GhostESP for creating a new version of hardware based on using ESP32-C3 with 1.8 TFT LCD and add GPS as new version of GhostESP https://github.com/MikeCodechief/cybersecurity-Ghost_ESP The new update for this repo will make it more closer to ESP Marauder
A Python-based network reconnaissance tool for discovering and analyzing devices on Local Area Networks (LANs). This tool is designed for cybersecurity professionals, network administrators, and penetration testers to perform network discovery and basic host enumeration.
- Automated Network Discovery: Automatically detects local network range and gateway
- Multi-threaded Scanning: Concurrent host discovery for faster results
- Comprehensive Host Enumeration:
- ICMP ping sweep
- TCP port scanning on common services
- Hostname resolution via reverse DNS
- MAC address discovery through ARP
- Cross-platform Compatibility: Works on Windows, Linux, and macOS
- Detailed Reporting: Formatted output with option to save results
- Customizable Port Lists: Easy modification of target ports
This tool is intended for:
- ✅ Network administration and monitoring
- ✅ Authorized penetration testing
- ✅ Security assessments of your own networks
- ✅ Educational purposes and learning
- Python 3.6 or higher
- Standard Python libraries (no additional packages required)
# Clone the repository
git clone https://github.com/your-username/lan-network-scanner.git
cd lan-network-scanner
# Make the script executable (Linux/macOS)
chmod +x lan_scanner.pypython lan_scanner.pyThe scanner automatically detects your network configuration, but you can modify the code for specific requirements:
# Modify port list for custom services
ports = [21, 22, 23, 25, 53, 80, 110, 135, 139, 443, 445, 993, 995]
# Adjust thread count for performance tuning
scanner.scan_network(max_threads=100)LAN Computer Scanner
===================
Scanning network: 192.168.1.0/24
Local IP: 192.168.1.100
==================================================
Found: 192.168.1.1 (router.local)
Found: 192.168.1.50 (desktop-pc)
Scanned 254/254 addresses...
Scan completed in 45.32 seconds
Found 8 active hosts
================================================================================
ACTIVE HOSTS ON NETWORK
================================================================================
IP Address Hostname MAC Address Open Ports
--------------------------------------------------------------------------------
192.168.1.1 router.local aa:bb:cc:dd:ee:ff 22, 80, 443
192.168.1.25 Unknown 11:22:33:44:55:66 445
192.168.1.50 desktop-pc aa:11:bb:22:cc:33 135, 445
192.168.1.101 smartphone.local Unknown None detected
- Local IP Detection: Uses socket connection to determine local interface
- Network Range Calculation: Assumes /24 CIDR (configurable)
- Host Discovery: ICMP ping sweep across entire subnet
- Service Enumeration: TCP connect scan on predefined ports
- Information Gathering: DNS reverse lookup and ARP table queries
- 22 (SSH)
- 23 (Telnet)
- 53 (DNS)
- 80 (HTTP)
- 135 (RPC)
- 139 (NetBIOS)
- 443 (HTTPS)
- 445 (SMB)
- 993 (IMAPS)
- 995 (POP3S)
- VPN Impact: Devices using VPN may not appear in scans
- Firewall Filtering: Modern devices often block ICMP and limit port responses
- MAC Randomization: Mobile devices may randomize MAC addresses
- Private WiFi: iOS/Android privacy features can hide devices
- Works best on same subnet (/24 networks)
- Some corporate networks may have additional segmentation
- Router ACLs might limit cross-device visibility
- Requires appropriate network permissions
- No devices found: Check if devices have firewalls enabled
- Permission denied: Run with administrator/sudo privileges for full MAC discovery
- Slow scanning: Reduce thread count or increase timeouts
- Missing hostnames: DNS resolution may be disabled on some devices
# Adjust for faster scanning (less reliable)
scanner.scan_network(max_threads=100)
# Adjust for more reliable results (slower)
scanner.scan_network(max_threads=20)This project is licensed under the MIT License - see the LICENSE file for details.
This tool is provided for educational and authorized testing purposes only. Users are responsible for complying with all applicable local, state, and federal laws. The developers assume no liability and are not responsible for any misuse or damage caused by this program.
Contributions are welcome! Please feel free to submit a Pull Request. For major changes, please open an issue first to discuss what you would like to change.
# Fork the repository
# Clone your fork
git clone https://github.com/your-username/lan-network-scanner.git
# Create a feature branch
git checkout -b feature/your-feature-name
# Make your changes and commit
git commit -am 'Add some feature'
# Push to the branch
git push origin feature/your-feature-name
# Submit a Pull Request- Nmap - Advanced network discovery and security auditing
- Masscan - Fast port scanner
- arp-scan - ARP-based network discovery
cybersecurity network-scanning penetration-testing reconnaissance python security-tools network-discovery ethical-hacking
Advanced multi-tool network scanner combining NMAP, Wireshark, SNMP, and system utilities for comprehensive security assessment.
- NMAP: Port scanning, OS detection, vulnerability assessment
- Tshark/Wireshark: Packet capture and protocol analysis
- SNMP: Network device enumeration and management
- System Tools: ARP tables, routing information, interface discovery
- Network Discovery: Host enumeration via ICMP/ARP
- Port Analysis: Service detection and banner grabbing
- Topology Mapping: Route tables and network structure
- Traffic Analysis: Live packet capture and inspection
- Vulnerability Assessment: Security flaw identification
| Platform | NMAP | Wireshark | SNMP | Status |
|---|---|---|---|---|
| Windows | ✅ | ✅ | ✅ | Full Support |
| Linux | ✅ | ✅ | ✅ | Full Support |
| macOS | ✅ | ✅ | ✅ | Full Support |
# Using Chocolatey
choco install nmap wireshark snmp
# Using Winget
winget install nmap wiresharksudo apt update
sudo apt install nmap wireshark-common snmp snmp-mibs-downloader
sudo usermod -aG wireshark $USER # For packet capture# Using Homebrew
brew install nmap wireshark net-snmppython integrated_scanner.py 192.168.1.0/24# Extended packet capture
python integrated_scanner.py 192.168.1.0/24 --capture-time 60
# Stealth mode
python integrated_scanner.py 192.168.1.0/24 --stealth
# Vulnerability focus
python integrated_scanner.py 192.168.1.0/24 --vuln-scan- Basic:
-snHost discovery only - Port:
-sS -OSYN scan with OS detection - Aggressive:
-A -T4Comprehensive scanning - Stealth:
-sS -T2 -fEvasive techniques - UDP:
-sUUDP service discovery - Vulnerability:
--script vulnSecurity assessment
{
"timestamp": "2025-09-14T10:30:00",
"nmap_results": {
"basic": [{"ip": "192.168.1.1", "hostname": "router"}]
},
"sniff_data": [{"src_ip": "192.168.1.10", "protocol": "TCP"}],
"network_info": {"routing_table": "...", "arp_table": "..."}
}Network Reconnaissance Report
========================================
Timestamp: 2025-09-14T10:30:00
BASIC SCAN RESULTS:
------------------------------
IP: 192.168.1.1
Hostname: router.local
MAC: aa:bb:cc:dd:ee:ff
OS: Linux 5.4
Open Ports: 3
- Fragmentation:
-fIP fragment packets - Timing:
-T0to-T5speed control - Decoys:
-Dfake source addresses - Spoofing: Custom source IP/MAC
- CVE Scanning: Known vulnerability database
- Service Fingerprinting: Version-specific exploits
- SSL/TLS Analysis: Certificate and cipher assessment
- SMB Testing: Windows share vulnerabilities
- Root/Admin: Required for packet capture and some scans
- Network Access: Must be on target network segment
- Firewall Rules: May need exceptions for SNMP/raw sockets
# Low profile scanning
scan_configs = {
'stealth': '-sS -T2 -f --scan-delay 10ms',
'fragmented': '-f -mtu 8',
'decoy': '-D RND:10'
}- Only scan networks you own or have written authorization
- Respect rate limiting and bandwidth usage
- Document all testing activities
- Follow responsible disclosure for vulnerabilities
# Modify in code
common_ports = [21, 22, 23, 25, 53, 80, 110, 135, 139, 443, 445, 993, 995]
extended_ports = list(range(1, 1024)) # All well-known ports# Common community strings
communities = ['public', 'private', 'community', 'admin']# Adjust for network conditions
timing_templates = {
'paranoid': '-T0', # 5 minutes between probes
'sneaky': '-T1', # 15 seconds between probes
'polite': '-T2', # 0.4 seconds between probes
'normal': '-T3', # Default timing
'aggressive': '-T4', # Fast scan
'insane': '-T5' # Fastest (may miss results)
}- /24 network (254 hosts): 2-5 minutes basic scan
- Port scan (1000 ports): 30-60 seconds per host
- Vulnerability scan: 5-10 minutes per host
- Packet capture: Real-time analysis
- CPU: Moderate during scanning phases
- Memory: ~50-100MB for typical scans
- Network: Respects target bandwidth limits
- Disk: JSON reports ~1-10MB depending on scope
# GitHub Actions example
- name: Network Security Scan
run: python integrated_scanner.py ${{ secrets.TARGET_NETWORK }}# Weekly network audit
0 2 * * 1 /usr/bin/python3 /opt/scanner/integrated_scanner.py 192.168.1.0/24nmap wireshark packet-analysis network-topology snmp vulnerability-scanning security-automation penetration-testing