# ARP scanning Scanning a network with [[ARP]] rather than [[ICMP]] is one method of keeping a lower profile, as [[ARP]] requests are less likely to be monitored. It's fairly easy to set up such a scanner using the [Scapy](https://scapy.net/) module: ```python #!/usr/bin/env python3 # Scans the given IP range on the given network using ARP # rather than ICMP to help bypass potential alerting. from scapy.all import * interface = "eth0" ip_range = "10.10.X.X/24" broadcastMac = "ff:ff:ff:ff:ff:ff" packet = Ether(dst = broadcastMac) / ARP(pdst = ip_range) ans, unans = srp(packet, timeout = 2, iface = interface, inter = 0.1) for send, receive in ans: print(receive.sprintf(r"%Ether.src% - %ARP.psrc%")) ``` Note that the `r` here isn't a mistake - rather it specifies a ["raw string"](https://whatisanything.com/how-do-you-write-an-f-string-in-python/#What_does_R_mean_Python) (the use of which, incidentally, requires Python 3.6+).