arp-scan
arp-scan is a command-line tool that uses the Address Resolution Protocol (ARP) to discover and fingerprint IP hosts on the local network. It sends an ARP request for each address in the target range and displays the IP address and MAC address of every device that replies.
arp-scan can be used for a variety of purposes, including network discovery, network inventory, and security auditing. It is often used by network administrators and security professionals to identify and troubleshoot network issues and to detect unauthorized devices on a network.
To use arp-scan, you will need to be connected to the local network you want to scan, and you will need to have arp-scan installed on your system. You can then use the arp-scan command with a range of options to specify the network range to scan and other details.
HELP:
┌──(kali㉿kali)-[~]
└─$ arp-scan -h
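To scan a whole subnet, pass the network range. arp-scan needs root privileges to send raw ARP packets, hence sudo:
┌──(kali㉿kali)-[~]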
└─$ sudo arp-scan 192.168.0.0/24
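The unauthorized-device check mentioned above, as an added example that is not part of the original page: it parses arp-scan output and reports every host whose MAC address is missing from an inventory file. The function names, the allowlist format (one MAC per line, "#" for comments) and the sample data are assumptions made for this example.

```bash
#!/usr/bin/env bash
# Added example (not from the original page): flag hosts in arp-scan output
# whose MAC address is missing from an inventory of known devices.

# Read arp-scan output on stdin and print "IP MAC" for each host line.
# Host lines are "IP<TAB>MAC<TAB>vendor"; banner, blank and summary lines do
# not match and are skipped. MACs are lower-cased so comparisons are stable.
parse_arp_scan() {
  awk -F'\t' '
    $1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && length($2) == 17 &&
    $2 ~ /^[0-9A-Fa-f][0-9A-Fa-f](:[0-9A-Fa-f][0-9A-Fa-f])+$/ {
      print $1, tolower($2)
    }'
}

# Print every scanned host whose MAC is not in the allowlist file "$1".
# Assumed allowlist format: one MAC per line, "#" starts a comment.
find_unknown() {
  parse_arp_scan | awk -v list="$1" '
    BEGIN {
      while ((getline line < list) > 0) {
        sub(/#.*/, "", line); gsub(/[ \t\r]/, "", line)
        if (line != "") known[tolower(line)] = 1
      }
    }
    !($2 in known) { print $1, $2 }'
}

# Constructed sample of arp-scan output (addresses and vendors are made up).
sample_scan() {
  printf 'Interface: eth0, type: EN10MB, MAC: 08:00:27:aa:bb:cc, IPv4: 192.168.0.50\n'
  printf '192.168.0.1\t00:11:22:33:44:55\tExample Router Co.\n'
  printf '192.168.0.23\tDE:AD:BE:EF:00:01\t(Unknown)\n'
  printf '192.168.0.42\t52:54:00:12:34:56\tExample Virtual NIC\n'
  printf '\n3 packets received by filter, 0 packets dropped by kernel\n'
}

# Demo with a constructed allowlist; on a live network, replace sample_scan
# with: sudo arp-scan 192.168.0.0/24
allow=$(mktemp)
printf '%s\n' '00:11:22:33:44:55  # gateway' '52:54:00:12:34:56' > "$allow"
sample_scan | find_unknown "$allow"   # -> 192.168.0.23 de:ad:be:ef:00:01
rm -f "$allow"
```

A MAC address can be changed by the device that presents it, so a match against the allowlist shows that a known address was seen, not that the device is the one you expect.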
fping
fping is a command-line tool for sending Internet Control Message Protocol (ICMP) echo request packets to network hosts to determine their reachability and latency. It is similar to the ping command but is designed to be faster and more efficient, particularly when pinging multiple hosts simultaneously.
fping is often used by network administrators and security professionals to test network hosts’ connectivity, measure network device response time, and troubleshoot network issues. It is handy when you need to ping many hosts quickly, as it can send a batch of pings in parallel rather than sending them sequentially like ping.
To use fping, you will need to have fping installed on your system, and you will need to specify the target host or hosts you want to ping. You can specify the target hosts as a list of hostnames or IP addresses on the command line, or you can use a file containing a list of hosts.
For example, you might use a command like the following to ping a single host:
fping google.com
Or you might use a command like the following to ping multiple hosts at once:
fping google.com yahoo.com
fping has a range of options that you can use to customize its behavior, such as specifying the number of pings to send, the interval between pings, and the timeout for responses. You can use these options to fine-tune fping to suit your specific needs.
┌──(kali㉿kali)-[~]
└─$ fping -I eth0 -g 192.168.0.0/24 -a 2>/dev/null
The fping command in this example uses several options to customize its behavior:
-I eth0 specifies the network interface for sending and receiving pings. In this case, the interface is eth0; replace it with your own network interface.
-g 192.168.0.0/24 generates the target list from a range of IP addresses, so you do not have to put each individual IP address or hostname on the command line. The range in this example is 192.168.0.0/24, representing all IP addresses in the 192.168.0.0 subnet.
-a shows only the hosts that are alive, that is, the ones that answered the ping. Hosts that did not respond are left out of the output.
2>/dev/null redirects standard error to /dev/null, which removes the unreachable-host messages. This is often used to suppress error messages that are irrelevant to the task.