A small security-focused tool that scans your local network for connected devices, identifies likely manufacturers using MAC address lookups, and highlights unknown/new devices in a simple dashboard output.
Goal: quick visibility into “who is on my network” + basic device attribution for a home / lab environment.
- Smart subnet auto-detection (handles VPNs / virtual adapters)
- Windows-friendly fallback scanning (no Npcap required)
- MAC OUI manufacturer detection
- Strict allowlist mode (security monitoring)
- Device baseline database (detect newly seen devices)
- Gateway role detection (clearly marks network gateway)
- Watch mode (continuous monitoring)
- JSON / NDJSON output for scripting & CI
- Concurrency control (
--max-workers) - Automation-ready exit codes
- Detects the active network interface + local subnet (example:
192.168.1.0/24) - Scans the subnet to find live hosts
- Resolves IP → MAC
- Uses the MAC prefix (OUI) to guess the manufacturer
- Compares scan results against your allowlist / previously seen devices
- Prints a dashboard view and optionally saves output files
- Python 3.11+ recommended (3.12 works great)
- Fully supported on Windows (Npcap optional for advanced scanning).
git clone https://github.com/<your-username>/sec-network-device-scanner.git
cd sec-network-device-scanner
python -m venv .venv
# Linux/macOS
source .venv/bin/activate
# Windows (PowerShell)
# .\.venv\Scripts\Activate.ps1
pip install -e .--strictwatch--json--show-nets--max-workers
sec-network-device-scanner scansec-network-device-scanner scan --out results.jsonsec-network-device-scanner scan --allow allowlist.json{
"devices": [
{ "mac": "AA:BB:CC:11:22:33", "name": "My Laptop" },
{ "mac": "44:55:66:77:88:99", "name": "Router" }
]
}Role ┃ IP ┃ MAC ┃ Manufacturer ┃ Status ┃ Name
...
{
"timestamp_utc": "...",
"network": "10.175.142.0/24",
"gateway_ip": "10.175.142.245",
"counts": {
"found": 1,
"new": 0,
"unknown": 0
},
"devices": [...]
}Designed for scripts/CI and security workflows:
| Code | Meaning |
|---|---|
| 0 | No unknown devices found |
| 1 | At least one unknown device found |
| 2 | Runtime error (permissions, interface not found, etc.) |
sec-network-device-scanner/
├─ src/sec_network_device_scanner/
│ ├─ __init__.py
│ ├─ cli.py
│ ├─ scanner.py
│ ├─ oui.py
│ └─ storage.py
├─ tests/
├─ .github/workflows/
├─ pyproject.toml
└─ README.md
This tool is meant for networks you own or have permission to test. Results depend on local network visibility (VLANs, client isolation, firewall rules, etc.). Manufacturer detection is best-effort; OUI databases can be incomplete. Some devices may hide MAC addresses or appear behind NAT.