Discover and identify devices on local or remote networks using nmap. Gathers IP addresses, hostnames (via reverse DNS), MAC addresses, and vendor identification.
Safety First: Includes built-in protection against accidentally scanning public IP ranges or networks without proper private routing — preventing abuse reports from hosting providers.
Requirements
- nmap - Network scanning (apt install nmap or brew install nmap)
- dig - DNS lookups (usually pre-installed)
- sudo access recommended for MAC address discovery
Quick Start
# Auto-detect and scan current network
python3 scripts/scan.py
# Scan a specific CIDR
python3 scripts/scan.py 192.168.1.0/24
# Scan with custom DNS server for reverse lookups
python3 scripts/scan.py 192.168.1.0/24 --dns 192.168.1.1
# Output as JSON
python3 scripts/scan.py --json
Configuration
Configure named networks in ~/.config/network-scanner/networks.json:
{
  "networks": {
    "home": {
      "cidr": "192.168.1.0/24",
      "dns": "192.168.1.1",
      "description": "Home Network"
    },
    "office": {
      "cidr": "10.0.0.0/24",
      "dns": "10.0.0.1",
      "description": "Office Network"
    }
  },
  "blocklist": [
    {
      "cidr": "10.99.0.0/24",
      "reason": "No private route from this host"
    }
  ]
}
Then scan by name:
python3 scripts/scan.py home
python3 scripts/scan.py office --json
Safety Features
The scanner includes multiple safety checks to prevent accidental abuse:
- Blocklist — Networks in the blocklist config array are always blocked
- Public IP check — Scanning public (non-RFC1918) IP ranges is blocked
- Route verification — For ad-hoc CIDRs, verifies the route uses private gateways
Trusted networks (configured in networks.json) skip route verification since you've explicitly approved them.
# Blocked - public IP range
$ python3 scripts/scan.py 8.8.8.0/24
❌ BLOCKED: Target 8.8.8.0/24 is a PUBLIC IP range
# Blocked - in blocklist
$ python3 scripts/scan.py 10.99.0.0/24
❌ BLOCKED: 10.99.0.0/24 is blocklisted
# Allowed - configured trusted network
$ python3 scripts/scan.py home
✓ Scanning 192.168.1.0/24...
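
The three checks above, written out as an added example (this is not the project's scripts/scan.py). Assumptions of this sketch: the check order, matching the blocklist by overlap, refusing ad-hoc targets when no route information is available, and the hypothetical `gateway_for` callback standing in for the OS route lookup.

```python
import ipaddress

# Constructed sample mirroring the networks.json shown on this page.
CONFIG = {
    "networks": {"home": {"cidr": "192.168.1.0/24"}, "office": {"cidr": "10.0.0.0/24"}},
    "blocklist": [{"cidr": "10.99.0.0/24", "reason": "No private route from this host"}],
}
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(net):
    """True only if the whole range sits inside a single RFC1918 block."""
    return net.version == 4 and any(net.subnet_of(block) for block in RFC1918)


def check_target(target, config=CONFIG, gateway_for=None):
    """Return (allowed, cidr, reason) for a configured name or an ad-hoc CIDR.

    gateway_for is a hypothetical callback: it takes the target network and
    returns the next-hop IP as a string, or None when the network is on-link.
    """
    named = config["networks"].get(target)
    try:
        net = ipaddress.ip_network(named["cidr"] if named else target, strict=False)
    except ValueError:
        return False, None, f"{target!r} is neither a configured name nor a CIDR"
    # 1. Blocklist always wins. Overlap matching (this example's choice) also
    #    catches subnets and supernets of a blocklisted range.
    for entry in config.get("blocklist", []):
        blocked = ipaddress.ip_network(entry["cidr"], strict=False)
        if net.version == blocked.version and net.overlaps(blocked):
            return False, str(net), f"blocklisted: {entry['reason']}"
    # 2. Anything not fully inside RFC1918 space is refused.
    if not is_rfc1918(net):
        return False, str(net), "public (non-RFC1918) IP range"
    # 3. Ad-hoc CIDRs need a private next hop; configured networks skip this.
    #    With no route information the check fails closed.
    if not named:
        if gateway_for is None:
            return False, str(net), "route not verified"
        gw = gateway_for(net)
        if gw is not None and not is_rfc1918(ipaddress.ip_network(gw)):
            return False, str(net), f"route uses public gateway {gw}"
    return True, str(net), "trusted network" if named else "private route"
```

Using `subnet_of` rather than a per-address test means a range such as 192.168.0.0/15, which starts in private space but spills into public space, is refused.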
Commands
# Create example config
python3 scripts/scan.py --init-config
# List configured networks
python3 scripts/scan.py --list
# Scan without sudo (may miss MAC addresses)
python3 scripts/scan.py home --no-sudo
Output Formats
Markdown (default):
### Home Network
Last scan: 2026-01-28 00:10
| IP | Name | MAC | Vendor |
|---|---|---|---|
| 192.168.1.1 | router.local | AA:BB:CC:DD:EE:FF | Ubiquiti |
| 192.168.1.100 | nas.local | 11:22:33:44:55:66 | Synology |
2 devices found
JSON (--json):
{
  "network": "Home Network",
  "cidr": "192.168.1.0/24",
  "devices": [
    {
      "ip": "192.168.1.1",
      "hostname": "router.local",
      "mac": "AA:BB:CC:DD:EE:FF",
      "vendor": "Ubiquiti"
    }
  ],
  "scanned_at": "2026-01-28T00:10:00",
  "device_count": 2
}
Use Cases
- Device inventory: Keep track of all devices on your network
- Security audits: Identify unknown devices
- Documentation: Generate network maps for documentation
- Automation: Integrate with home automation to detect device presence
Tips
- Use sudo for accurate MAC address detection (nmap needs privileges for ARP)
- Configure your local DNS server for better hostname resolution
- Add networks you scan regularly to networks.json so they skip route verification on every scan
- Add networks you can't reach privately to the blocklist to prevent accidents
- Extend MAC_VENDORS in the script for better device identification