ARP broadcasting

During an internal network active reconnaissance, the entire local network can be scanned using nmap (nmap -v -sn IPrange) to sniff the ARP broadcasts. In addition, Kali has arp-scan (arp-scan IP range) to identify a list of hosts that are alive on the same network.

The following screenshot of Wireshark provides the traffic generated at the target when arp-scan is run against the entire subnet. This is considered to be a non-stealthy scan:

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.235.130.73