🖥️arp-scan
➡️This is a command-line reference manual for commands and command combinations that you don’t use often enough to remember it. This cheatsheet explains the arp-scan command with important options and switches using examples.
3 minute read
▁ ▂ ▃ ▄ ꧁ 🔴☠ COMMANDLINE-KUNGFU WITH CHEATSHEETS ☠🔴꧂▅ ▃ ▂ ▁
# █████╗ ██████╗ ██████╗ ███████╗ ██████╗ █████╗ ███╗ ██╗
# ██╔══██╗██╔══██╗██╔══██╗ ██╔════╝██╔════╝██╔══██╗████╗ ██║
# ███████║██████╔╝██████╔╝█████╗███████╗██║ ███████║██╔██╗ ██║
# ██╔══██║██╔══██╗██╔═══╝ ╚════╝╚════██║██║ ██╔══██║██║╚██╗██║
# ██║ ██║██║ ██║██║ ███████║╚██████╗██║ ██║██║ ╚████║
# ╚═╝ ╚═╝╚═╝ ╚═╝╚═╝ ╚══════╝ ╚═════╝╚═╝ ╚═╝╚═╝ ╚═══╝
arp-scan -h
# Syntax
Usage: arp-scan [options] [hosts...]
# Scan Local Network
# Most basic usage of arp-scan is scanning local network with a single options named --localnet or-l . This will scan whole local network with arp packets. While using arp-scan we need root privileges.
arp-scan --localnet
# Specify Network Interface
# Enterprise environments requires more than one network interface for backup, load balancing etc. In this situations we need to specify network interface. We will use -i option. In the example we will use network interface named ens3 .
arp-scan --interface=ens3 --localnet
# Set Source Mac Address
# During the scan process our exisiting mac address will be used. This may create some clue about the scan. We can change the source mac address during scan. This will make all sent packets have different mac address than our hardware mac address. We will use --destaddr or -T option.
arp-scan -T aa:bb:cc:dd:ee:ff
# Set Destination Mac Address
# Another useful option is setting destination mac address with --srcaddr or -S option.
arp-scan -S aa:bb:cc:dd:ee:ff
# Specify Vlan
# In real world networks single interface can host multiple networks. This is generally done using some multiplexing protocol named Virtual Local Area Network or simply VLAN. If the interface is trunk which means interface hosts multiple VLANS we may need to specify VLAN id. We will use --vlan or -Q option to specify VLAN id. In the example we will only scan VLAN 10 .
arp-scan -i ens3 -Q 10
# Write Received Packets To Pcap
# If the responses return by the scanned hosts are important for us we can save them in pcap format. Pcap format is supported by tools like tcpdump, wireshark etc. We will us -pcapsavefile or -W options to specify pcap file.
arp-scan --localnet -W scan.pcap
# We can read pcap file with tcpdump like below.
tcpdump -r scan.pcap
# arp-scan
arp-scan 10.194.120.0:255.255.252.0
Cheatsheets are an excellent complement to other information sources like Linux man-pages, Linux help, or How-To’s and tutorials, as they provide compact and easily accessible information. While man-pages and detailed tutorials often contain comprehensive explanations and extensive guides, cheatsheets summarize the most important options forthe command arp-scan in a clear format. This allows users to quickly access the needed information for arp-scan without having to sift through lengthy texts. Especially in stressful situations or for recurring tasks, cheatsheets for arp-scan are a valuable resource to work efficiently and purposefully.
░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░
█║▌│║█║▌★ KALI ★ PARROT ★ DEBIAN 🔴 PENTESTING ★ HACKING ★ █║▌│║█║▌
██╗ ██╗ ██████╗ ██████╗ ██╗ ██╗███████╗██████╗
████████╗██╔══██╗██╔═══██╗╚██╗██╔╝██╔════╝██╔══██╗
╚██╔═██╔╝██║ ██║██║ ██║ ╚███╔╝ █████╗ ██║ ██║
████████╗██║ ██║██║ ██║ ██╔██╗ ██╔══╝ ██║ ██║
╚██╔═██╔╝██████╔╝╚██████╔╝██╔╝ ██╗███████╗██████╔╝
╚═╝ ╚═╝ ╚═════╝ ╚═════╝ ╚═╝ ╚═╝╚══════╝╚═════╝
█║▌│║█║▌ WITH COMMANDLINE-KUNGFU POWER █║▌│║█║▌
░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.