How to Scan Devices in Your Local Network Using Python and ARP

In local networks, especially for system administrators, ethical hackers, or home network enthusiasts, it’s often important to know what devices are currently connected. Fortunately, Python combined with Scapy makes this process incredibly easy and powerful.

In this tutorial, we’ll show you how to build a simple ARP scanner in Python that can scan a subnet (like 172.16.20.0/24) and return the IP and hostname of each connected device.

⚙️ Requirements

You’ll need to install Scapy if you haven't already:

pip install scapy

Also, run the script with sudo/root permission since ARP scanning requires raw socket access.

💻 Python Code: ARP-based Network Scanner

import ipaddress
import scapy.all as scapy
import socket

def get_device_name(ip):
    try:
        return socket.gethostbyaddr(ip)[0]
    except socket.herror:
        return "Unknown"

def scan(ip_range):
    arp_request = scapy.ARP(pdst=ip_range)
    broadcast = scapy.Ether(dst="ff:ff:ff:ff:ff:ff")
    packet = broadcast / arp_request
    answered = scapy.srp(packet, timeout=2, verbose=0)[0]

    devices = []
    for sent, received in answered:
        ip = received.psrc
        hostname = get_device_name(ip)
        devices.append({"ip": ip, "hostname": hostname})
    
    return devices

if __name__ == "__main__":
    # subnet = "192.168.1.0/24"
    subnet = "172.16.20.0/24"
    print(f"Scanning subnet: {subnet}...\n")

    results = scan(subnet)
    print("Found devices:")
    for device in results:
        print(f"- IP: {device['ip']} | Hostname: {device['hostname']}")

📌 What This Script Does

• Sends ARP requests to every IP in the specified subnet.

• Captures ARP replies and extracts the IP address of active devices.

• Uses socket.gethostbyaddr() to resolve hostnames if available (works better if your network has reverse DNS or mDNS/NetBIOS enabled).

Example Output:

🔒 Security Note

This script is safe and uses standard ARP discovery, similar to what tools like arp-scan or nmap -sn do. Make sure you only use it on networks you own or have permission to test.

🧩 Next Steps

You can extend this scanner to:

• Fetch MAC address and map vendors via OUI

• Integrate with nmap for port scanning

• Use TTL or fingerprinting to guess OS

• Display results in a web interface or save to CSV

⚠️ Disclaimer: For Educational Use Only

📌 Legal Notice:
The script and techniques shared in this article are intended solely for educational purposes, ethical hacking training, and internal network administration.
Do not use this code to scan, probe, or interfere with any network or device that you do not own or explicitly have permission to test.

❌ Unauthorized scanning or probing of networks may violate cybersecurity laws and result in serious legal consequences.

✅ Always use these tools and techniques responsibly, ethically, and within the bounds of the law.