Host Discovery
Linux
Nmap
# apt install -y nmap
# Host discovery only: -sn skips port scanning and lists the addresses in the /24 that answered a probe
nmap -sn 192.168.1.0/24
Fping
# apt install -y fping
# -g expands the CIDR into individual targets, -a prints only the addresses that replied, -q suppresses per-probe errors
fping -aqg 192.168.1.0/24
Netdiscover
# apt install -y netdiscover
# ARP-based discovery on interface eth0 (-i) over the given range (-r); ARP only reaches hosts on the same layer-2 segment
netdiscover -i eth0 -r 192.168.1.0/24
arp-scan
# apt install -y arp-scan
# -l (--localnet) derives the range from the address/netmask of interface eth0 (-I) and ARP-probes every address in it
arp-scan -I eth0 -l
Ping
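# Background one probe per address, then `wait` for all of them before returning; -W 1 caps the wait for a reply at 1 s.
# (The original detached each ping in a subshell, so the loop returned before any reply was printed and an unanswered
# `ping -c 1` typically lingers ~10 s.) awk's $4 is the "192.168.1.N:" field of a reply line; tr strips the colon.
for i in $(seq 1 254); do ping -c 1 -W 1 "192.168.1.${i}" | grep "bytes from" | awk '{print $4}' | tr -d ':' & done; wait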
Bash
Segmentos: 1
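#!/bin/bash
# Parallel ICMP sweep of one /24: probes .1-.254 concurrently and prints " [+] <ip>" for every
# address that answers a single echo request.
# Usage: ./discovery.sh [prefix]   (prefix defaults to 192.168.1, the value the script used to hard-code)
prefix="${1:-192.168.1}"
echo -e "\n[!] Start Discovery:\n"
for i in $(seq 1 254); do
    # -W 1 bounds the wait for a reply to one second; it replaces the `timeout 1 bash -c` wrapper,
    # which spawned an extra shell per address only to enforce the same limit.
    ping -c 1 -W 1 "${prefix}.${i}" &> /dev/null && echo -e " [+] ${prefix}.${i}" &
done
wait   # block until every background probe has finished so no result is printed after the script exits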
Segmentos: 2
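#!/bin/bash
# Parallel ICMP sweep over several /24 prefixes: for each prefix, probe .1-.254 concurrently and
# print " [+] <ip>" for every address that answers a single echo request.
# Usage: ./discovery.sh [prefix ...]   e.g. ./discovery.sh 192.168.1 10.10.10
# With no arguments the prefixes the script used to hard-code are scanned.
hosts=("$@")
if [ "${#hosts[@]}" -eq 0 ]; then
    hosts=("192.168.1" "10.10.10")
fi
echo -e "\n[!] Start Discovery:\n"
# Quoted expansion keeps each prefix as one word even if a caller passes one containing spaces.
for host in "${hosts[@]}"; do
    echo -e "[*] Range: $host.0/24"
    for i in $(seq 1 254); do
        # -W 1 bounds the wait for a reply to one second (replaces the `timeout 1 bash -c` wrapper).
        ping -c 1 -W 1 "$host.$i" &>/dev/null && echo -e " [+] $host.$i" &
    done
    wait   # finish this range's probes before starting the next one so output stays grouped per range
done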
Windows
CMD
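REM Interactive cmd.exe form (single %i); inside a .bat/.cmd file write %%i instead.
REM Sequential sweep: prints the full reply line (it contains "TTL=") for each address that answers. -w is the reply timeout in milliseconds.
for /l %i in (1,1,254) do @ping -4 -n 1 -w 100 192.168.1.%i | findstr TTL
REM Same sweep, printing only the responding address. -w raised from 1 to 100 ms: a 1 ms reply window drops any host whose round trip takes longer, and 100 ms matches the line above.
for /L %a IN (1,1,254) DO @(ping -n 1 -w 100 192.168.1.%a | findstr "TTL=" > nul && echo 192.168.1.%a)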
PowerShell
# Sequential ICMP sweep of a /24; replace X.X.X with the target prefix. Prints the raw reply lines (they contain "TTL=").
1..254 | ForEach-Object { ping -4 -n 1 -w 100 "X.X.X.$_" } | Select-String -Pattern 'TTL'
# Same sweep reduced to the responding addresses: the dotted quad is pulled out of each matching reply line.
$ipv4Pattern = [regex]'\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b'
1..254 | ForEach-Object { ping -4 -n 1 -w 100 "X.X.X.$_" } | Select-String -Pattern 'TTL' | ForEach-Object { $ipv4Pattern.Matches($_) } | ForEach-Object { $_.Value }
