Scanning a network with ARP rather than ICMP is one method of keeping a lower profile, as ARP requests are less likely to be monitored.

It’s fairly easy to set up such a scanner using the Scapy module:

#!/usr/bin/env python3
 
# Scans the given IP range on the given network using ARP
# rather than ICMP to help bypass potential alerting.
 
from scapy.all import *
 
interface = "eth0"
ip_range = "10.10.X.X/24"
broadcastMac = "ff:ff:ff:ff:ff:ff"
 
packet = Ether(dst = broadcastMac) / ARP(pdst = ip_range)
 
ans, unans = srp(packet, timeout = 2, iface = interface, inter = 0.1)
 
for send, receive in ans:
	print(receive.sprintf(r"%Ether.src% - %ARP.psrc%"))

Note that the r here isn’t a mistake — rather it specifies a “raw string” (the use of which, incidentally, requires Python 3.6+).