Claude Generated Network Discovery

networkdiscovery2.ps1

@@ -0,0 +1,238 @@
+# MAC OUI Database (shortened for example, add more as needed)
+$ouiDatabase = @{
+    '000000' = 'Xerox'
+    '000001' = 'Xerox'
+    '000002' = 'Xerox'
+    '000003' = 'Xerox'
+    '000004' = 'Xerox'
+    '000005' = 'Xerox'
+    '000006' = 'Xerox'
+    '00005E' = 'IANA'
+    '000105' = 'Cisco'
+    '000130' = 'Hewlett Packard'
+    '000156' = 'Cisco'
+    '000163' = 'Cisco'
+    '000164' = 'Cisco'
+    '000196' = 'Cisco'
+    '000197' = 'Cisco'
+    '0001C7' = 'Cisco'
+    '0001C9' = 'Cisco'
+    '000393' = 'Apple'
+    '000502' = 'Apple'
+    '000883' = 'Hewlett Packard'
+    '000A27' = 'Apple'
+    '000A95' = 'Apple'
+    '000D93' = 'Apple'
+    '000E7F' = 'Hewlett Packard'
+    '001018' = 'Broadcom'
+    '001094' = 'Apple'
+    '0011D8' = 'Dell'
+    '001225' = 'Dell'
+    '001279' = 'Cisco'
+    '001321' = 'Hewlett Packard'
+    '001408' = 'Zyxel'
+    '001500' = 'Dell'
+    '001635' = 'Cisco'
+    '001765' = 'Cisco'
+    '0019E3' = 'Apple'
+    '001B63' = 'Apple'
+    '001CC4' = 'Dell'
+    '001E8C' = 'Dell'
+    '002248' = 'Dell'
+    '002269' = 'Honeywell'
+    '00236C' = 'Apple'
+    '002500' = 'Apple'
+    '002538' = 'Samsung'
+    '0025BC' = 'Dell'
+    '002655' = 'Hewlett Packard'
+    '00306E' = 'Hewlett Packard'
+    '0050BA' = 'D-Link'
+    '006008' = 'D-Link'
+    '006097' = 'Dell'
+    '008865' = 'Yealink'
+    '00A050' = 'Cisco'
+    '080027' = 'Oracle'
+    '085700' = 'Dell'
+    '086266' = 'Yealink'
+    '10F005' = 'Cisco'
+    '14DAE9' = 'Dell'
+    '1803BB' = 'Hikvision'
+    '1C1B0D' = 'Yealink'
+    '28C68E' = 'NETGEAR'
+    '3497F6' = 'Dell'
+    '40B034' = 'Hikvision'
+    '44A689' = 'Hikvision'
+    '4C34BB' = 'Hikvision'
+    '54BF64' = 'Dell'
+    '588BF3' = 'Zyxel'
+    '5C260A' = 'Dell'
+    '64006A' = 'Dell'
+    '6C2B59' = 'Dell'
+    '70105C' = 'Cisco'
+    '742344' = 'Yealink'
+    '74E6E2' = 'Dell'
+    '847BEB' = 'Dell'
+    '8C89A5' = 'Dell'
+    'A01D48' = 'Dell'
+    'A4251B' = 'Avaya'
+    'A4BB6D' = 'Dell'
+    'B078F0' = 'Dell'
+    'B4E10F' = 'Dell'
+    'B80CD6' = 'Yealink'
+    'C80AA9' = 'Yealink'
+    'D067E5' = 'Dell'
+    'D4AE52' = 'Dell'
+    'D89EF3' = 'Dell'
+    'E0DB55' = 'Dell'
+    'E4F004' = 'Dell'
+    'E8B27C' = 'Dell'
+    'F04DA2' = 'Dell'
+    'F48E38' = 'Dell'
+    'F8B156' = 'Dell'
+    'F8BC12' = 'Dell'
+    'FC15B4' = 'Dell'
+}
+
+# Function to get MAC vendor from MAC address using our database
+function Get-MacVendor {
+    param (
+        [string]$MacAddress
+    )
+    
+    # Clean the MAC address and get first 6 characters
+    $oui = ($MacAddress -replace '[-:\.]', '').Substring(0, 6).ToUpper()
+    
+    # Look up the manufacturer in our database
+    if ($ouiDatabase.ContainsKey($oui)) {
+        return $ouiDatabase[$oui]
+    }
+    return "Unknown"
+}
+
+# Function to categorize devices based on manufacturer
+function Get-DeviceCategory {
+    param (
+        [string]$Manufacturer,
+        [string]$DeviceName
+    )
+    
+    switch -Wildcard ($Manufacturer.ToLower()) {
+        # Network Infrastructure
+        "*cisco*" { return "Network Infrastructure" }
+        "*juniper*" { return "Network Infrastructure" }
+        "*aruba*" { return "Network Infrastructure" }
+        "*ubiquiti*" { return "Network Infrastructure" }
+        "*netgear*" { return "Network Infrastructure" }
+        "*d-link*" { return "Network Infrastructure" }
+        "*tp-link*" { return "Network Infrastructure" }
+        "*zyxel*" { return "Network Infrastructure" }
+        "*meraki*" { return "Network Infrastructure" }
+        "*fortinet*" { return "Network Infrastructure" }
+        
+        # VoIP Phones
+        "*yealink*" { return "VoIP Phones" }
+        "*polycom*" { return "VoIP Phones" }
+        "*avaya*" { return "VoIP Phones" }
+        "*cisco-phone*" { return "VoIP Phones" }
+        "*grandstream*" { return "VoIP Phones" }
+        
+        # Computers/Servers
+        "*dell*" { return "Computers/Servers" }
+        "*hp*" { 
+            if ($DeviceName -like "*printer*") { return "Printers" }
+            return "Computers/Servers" 
+        }
+        "*lenovo*" { return "Computers/Servers" }
+        "*oracle*" { return "Computers/Servers" }
+        "*vmware*" { return "Computers/Servers" }
+        
+        # Mobile Devices
+        "*apple*" { 
+            if ($DeviceName -like "*iphone*") { return "Mobile Phones" }
+            return "Computers/Servers" 
+        }
+        "*samsung*" { return "Mobile Phones" }
+        "*huawei*" { return "Mobile Phones" }
+        "*xiaomi*" { return "Mobile Phones" }
+        "*oppo*" { return "Mobile Phones" }
+        
+        # Printers
+        "*xerox*" { return "Printers" }
+        "*brother*" { return "Printers" }
+        "*epson*" { return "Printers" }
+        "*canon*" { return "Printers" }
+        "*ricoh*" { return "Printers" }
+        
+        # Cameras
+        "*axis*" { return "Cameras" }
+        "*hikvision*" { return "Cameras" }
+        "*dahua*" { return "Cameras" }
+        "*mobotix*" { return "Cameras" }
+        "*bosch*" { return "Cameras" }
+        
+        # IoT Devices
+        "*nest*" { return "IoT Devices" }
+        "*ring*" { return "IoT Devices" }
+        "*sonos*" { return "IoT Devices" }
+        "*philips*" { return "IoT Devices" }
+        "*honeywell*" { return "IoT Devices" }
+        "*amazon*" { return "IoT Devices" }
+        "*google*" { return "IoT Devices" }
+        
+        default { return "Other" }
+    }
+}
+
+# Get local subnet information
+$localIP = (Get-NetIPAddress | Where-Object {$_.AddressFamily -eq 'IPv4' -and $_.PrefixOrigin -eq 'Dhcp'}).IPAddress
+$subnet = $localIP -replace '\.\d+$', '.0/24'
+
+# Initialize results array
+$deviceList = @()
+
+# Ping sweep the network
+1..254 | ForEach-Object {
+    $ip = $subnet -replace '0/24', $_
+    $ping = Test-Connection -ComputerName $ip -Count 1 -ErrorAction SilentlyContinue
+    
+    if ($ping) {
+        # Get ARP entry for the IP
+        $arpEntry = Get-NetNeighbor -IPAddress $ip -ErrorAction SilentlyContinue
+        
+        if ($arpEntry -and $arpEntry.LinkLayerAddress -and $arpEntry.LinkLayerAddress -ne '000000000000') {
+            $macAddress = $arpEntry.LinkLayerAddress
+            $manufacturer = Get-MacVendor -MacAddress $macAddress
+            $deviceName = try {
+                [System.Net.Dns]::GetHostEntry($ip).HostName
+            } catch {
+                "Unknown"
+            }
+            
+            # Only add devices with valid MAC addresses and known manufacturers
+            $deviceList += [PSCustomObject]@{
+                IPAddress = $ip
+                DeviceName = $deviceName
+                MACAddress = $macAddress
+                Manufacturer = $manufacturer
+                Category = Get-DeviceCategory -Manufacturer $manufacturer -DeviceName $deviceName
+            }
+        }
+    }
+}
+
+# Display results
+Write-Host "`nNetwork Scan Results:`n" -ForegroundColor Green
+$deviceList | Format-Table -AutoSize
+
+# Generate and display summary
+Write-Host "`nDevice Category Summary:`n" -ForegroundColor Green
+$deviceList | Group-Object Category | Select-Object @{
+    Name = 'Category'
+    Expression = {$_.Name}
+}, @{
+    Name = 'Count'
+    Expression = {$_.Count}
+} | Format-Table -AutoSize
+
+# Export results to CSV (optional)
+$deviceList | Export-Csv -Path "NetworkScan_$(Get-Date -Format 'yyyyMMdd_HHmmss').csv" -NoTypeInformation