Discover all IP addresses in a Local network.

[hack3rcon]

Hello.
I need a tool that help me for finding all IP addresses in a local network. I found some tools like "AutoScan" or "netdiscover" but these tools can't working properly in a Vlans networks.

Any idea?

[RedBullAddicted]

I am not sure if I understood your question. You want to get all ip ranges a network uses with a scanner? Well, you could use any subnet scanner and let it scan all private ip address ranges (https://en.wikipedia.org/wiki/Private_network).. lol. That will take a lot of time. The other option would be guessing the ranges. If your client is located in a 10.10.0.0/24 network you could try to scan the range 10.10.0.0/16 for example and see what you can find. Another way is to capture a good amount of network packets and go through them. I explained it here (its old and not very good.. but should give you an idea what I am talking about) https://evilzone.org/tutorials/(tutorial)-basic-network-discovery
Start to get creative.. maybe you can get those information from a L3 switch or router. HP for example has a default setting which looks like this "snmp-server community public unrestricted". Seen lots of devices where the admins did not remove that part of the config.

Hope that helps??

[hack3rcon]

I am not sure if I understood your question. You want to get all ip ranges a network uses with a scanner? Well, you could use any subnet scanner and let it scan all private ip address ranges (https://en.wikipedia.org/wiki/Private_network).. lol. That will take a lot of time. The other option would be guessing the ranges. If your client is located in a 10.10.0.0/24 network you could try to scan the range 10.10.0.0/16 for example and see what you can find. Another way is to capture a good amount of network packets and go through them. I explained it here (its old and not very good.. but should give you an idea what I am talking about) https://evilzone.org/tutorials/(tutorial)-basic-network-discovery
Start to get creative.. maybe you can get those information from a L3 switch or router. HP for example has a default setting which looks like this "snmp-server community public unrestricted". Seen lots of devices where the admins did not remove that part of the config.

Hope that helps??

Consider it, You are at a company and want to know how many devices and ip ranges are exist. What do you do? Some tools like I said can help you but not working with VLANs very good.

[SilentCircle]

Have you found out how to do ot if not semd me a pm id gladly help


Sent from my iPhone using Tapatalk

[RedBullAddicted]

Consider it, You are at a company and want to know how many devices and ip ranges are exist. What do you do? Some tools like I said can help you but not working with VLANs very good.

Yep, I would do what I explained above 

Have you found out how to do ot if not semd me a pm id gladly help


Sent from my iPhone using Tapatalk

Why don't you just post here? I would like to hear about your solution too.

[0E 800]

For Windows use Wnetwatcher:
http://www.nirsoft.net/utils/wireless_network_watcher.html

Or use AngryIpscanner  (windows, mac, linux)
http://angryip.org/download/


Feel like this question should have been googled first.

[romancodis]

For Windows use Wnetwatcher:
http://www.nirsoft.net/utils/wireless_network_watcher.html

Or use AngryIpscanner  (windows, mac, linux)
http://angryip.org/download/


Feel like this question should have been googled first.

yes OE 800  said correctly , angry ip scanner is the better solution for it

[th31nitiate]

Guy would nmap just work as good though with the right switch's ?

OE800 is right thought angryIP is a good one, first port scanner i ever used on video, i found a shopadmin box once but i didn’t know what it was or what to do with it then

[ghostdragon]

arpscan?

[spaceman]

Search sone quick tutorials for nmap on google and you toobe it is very good tool.

[kurp]

Try: nmap -sP 192.168.2.1/24

If that doesn't work try:
sudo nmap -sP -PS22,3389 192.168.2.1/24 #custom TCP SYN scan
sudo nmap -sP -PU161 192.168.2.1/24 #custom UDP scan

[deltonos]

arpscan?

Arpscan & nbtscan  good tools for a fast "network" discovery. Into a pentest, in a corporative network... there is always at leas 1 windows

Regards!

[CRAZYBUDDY]

For Windows use Wnetwatcher:
http://www.nirsoft.net/utils/wireless_network_watcher.html

Or use AngryIpscanner  (windows, mac, linux)
http://angryip.org/download/


Feel like this question should have been googled first.

Totally agreed with this, i myself use Angryipscanner to get ip addresses and stuff and to discover more like passwords i prefer using cainandabel or for much deeper solution to monitor network i prefer wireshark. please google with those names. you'll see em+how 2s
 

[overflow]

You can do the nmap -sn command followed by ip range to check for hosts on a network, example:

nmap -sn 192.168.2.200-254

Hope that helps! If further questions into this don't hesitate to pm me.

[John200Ok]

I am not sure what you meant,but KisMac might help you i guess