Claude Generated Network Discovery
commit
eacff16c89
|
|
@ -0,0 +1,238 @@
|
|||
# MAC OUI Database (shortened for example, add more as needed)
|
||||
$ouiDatabase = @{
|
||||
'000000' = 'Xerox'
|
||||
'000001' = 'Xerox'
|
||||
'000002' = 'Xerox'
|
||||
'000003' = 'Xerox'
|
||||
'000004' = 'Xerox'
|
||||
'000005' = 'Xerox'
|
||||
'000006' = 'Xerox'
|
||||
'00005E' = 'IANA'
|
||||
'000105' = 'Cisco'
|
||||
'000130' = 'Hewlett Packard'
|
||||
'000156' = 'Cisco'
|
||||
'000163' = 'Cisco'
|
||||
'000164' = 'Cisco'
|
||||
'000196' = 'Cisco'
|
||||
'000197' = 'Cisco'
|
||||
'0001C7' = 'Cisco'
|
||||
'0001C9' = 'Cisco'
|
||||
'000393' = 'Apple'
|
||||
'000502' = 'Apple'
|
||||
'000883' = 'Hewlett Packard'
|
||||
'000A27' = 'Apple'
|
||||
'000A95' = 'Apple'
|
||||
'000D93' = 'Apple'
|
||||
'000E7F' = 'Hewlett Packard'
|
||||
'001018' = 'Broadcom'
|
||||
'001094' = 'Apple'
|
||||
'0011D8' = 'Dell'
|
||||
'001225' = 'Dell'
|
||||
'001279' = 'Cisco'
|
||||
'001321' = 'Hewlett Packard'
|
||||
'001408' = 'Zyxel'
|
||||
'001500' = 'Dell'
|
||||
'001635' = 'Cisco'
|
||||
'001765' = 'Cisco'
|
||||
'0019E3' = 'Apple'
|
||||
'001B63' = 'Apple'
|
||||
'001CC4' = 'Dell'
|
||||
'001E8C' = 'Dell'
|
||||
'002248' = 'Dell'
|
||||
'002269' = 'Honeywell'
|
||||
'00236C' = 'Apple'
|
||||
'002500' = 'Apple'
|
||||
'002538' = 'Samsung'
|
||||
'0025BC' = 'Dell'
|
||||
'002655' = 'Hewlett Packard'
|
||||
'00306E' = 'Hewlett Packard'
|
||||
'0050BA' = 'D-Link'
|
||||
'006008' = 'D-Link'
|
||||
'006097' = 'Dell'
|
||||
'008865' = 'Yealink'
|
||||
'00A050' = 'Cisco'
|
||||
'080027' = 'Oracle'
|
||||
'085700' = 'Dell'
|
||||
'086266' = 'Yealink'
|
||||
'10F005' = 'Cisco'
|
||||
'14DAE9' = 'Dell'
|
||||
'1803BB' = 'Hikvision'
|
||||
'1C1B0D' = 'Yealink'
|
||||
'28C68E' = 'NETGEAR'
|
||||
'3497F6' = 'Dell'
|
||||
'40B034' = 'Hikvision'
|
||||
'44A689' = 'Hikvision'
|
||||
'4C34BB' = 'Hikvision'
|
||||
'54BF64' = 'Dell'
|
||||
'588BF3' = 'Zyxel'
|
||||
'5C260A' = 'Dell'
|
||||
'64006A' = 'Dell'
|
||||
'6C2B59' = 'Dell'
|
||||
'70105C' = 'Cisco'
|
||||
'742344' = 'Yealink'
|
||||
'74E6E2' = 'Dell'
|
||||
'847BEB' = 'Dell'
|
||||
'8C89A5' = 'Dell'
|
||||
'A01D48' = 'Dell'
|
||||
'A4251B' = 'Avaya'
|
||||
'A4BB6D' = 'Dell'
|
||||
'B078F0' = 'Dell'
|
||||
'B4E10F' = 'Dell'
|
||||
'B80CD6' = 'Yealink'
|
||||
'C80AA9' = 'Yealink'
|
||||
'D067E5' = 'Dell'
|
||||
'D4AE52' = 'Dell'
|
||||
'D89EF3' = 'Dell'
|
||||
'E0DB55' = 'Dell'
|
||||
'E4F004' = 'Dell'
|
||||
'E8B27C' = 'Dell'
|
||||
'F04DA2' = 'Dell'
|
||||
'F48E38' = 'Dell'
|
||||
'F8B156' = 'Dell'
|
||||
'F8BC12' = 'Dell'
|
||||
'FC15B4' = 'Dell'
|
||||
}
|
||||
|
||||
# Function to get MAC vendor from MAC address using our database
|
||||
function Get-MacVendor {
|
||||
param (
|
||||
[string]$MacAddress
|
||||
)
|
||||
|
||||
# Clean the MAC address and get first 6 characters
|
||||
$oui = ($MacAddress -replace '[-:\.]', '').Substring(0, 6).ToUpper()
|
||||
|
||||
# Look up the manufacturer in our database
|
||||
if ($ouiDatabase.ContainsKey($oui)) {
|
||||
return $ouiDatabase[$oui]
|
||||
}
|
||||
return "Unknown"
|
||||
}
|
||||
|
||||
# Function to categorize devices based on manufacturer
|
||||
function Get-DeviceCategory {
|
||||
param (
|
||||
[string]$Manufacturer,
|
||||
[string]$DeviceName
|
||||
)
|
||||
|
||||
switch -Wildcard ($Manufacturer.ToLower()) {
|
||||
# Network Infrastructure
|
||||
"*cisco*" { return "Network Infrastructure" }
|
||||
"*juniper*" { return "Network Infrastructure" }
|
||||
"*aruba*" { return "Network Infrastructure" }
|
||||
"*ubiquiti*" { return "Network Infrastructure" }
|
||||
"*netgear*" { return "Network Infrastructure" }
|
||||
"*d-link*" { return "Network Infrastructure" }
|
||||
"*tp-link*" { return "Network Infrastructure" }
|
||||
"*zyxel*" { return "Network Infrastructure" }
|
||||
"*meraki*" { return "Network Infrastructure" }
|
||||
"*fortinet*" { return "Network Infrastructure" }
|
||||
|
||||
# VoIP Phones
|
||||
"*yealink*" { return "VoIP Phones" }
|
||||
"*polycom*" { return "VoIP Phones" }
|
||||
"*avaya*" { return "VoIP Phones" }
|
||||
"*cisco-phone*" { return "VoIP Phones" }
|
||||
"*grandstream*" { return "VoIP Phones" }
|
||||
|
||||
# Computers/Servers
|
||||
"*dell*" { return "Computers/Servers" }
|
||||
"*hp*" {
|
||||
if ($DeviceName -like "*printer*") { return "Printers" }
|
||||
return "Computers/Servers"
|
||||
}
|
||||
"*lenovo*" { return "Computers/Servers" }
|
||||
"*oracle*" { return "Computers/Servers" }
|
||||
"*vmware*" { return "Computers/Servers" }
|
||||
|
||||
# Mobile Devices
|
||||
"*apple*" {
|
||||
if ($DeviceName -like "*iphone*") { return "Mobile Phones" }
|
||||
return "Computers/Servers"
|
||||
}
|
||||
"*samsung*" { return "Mobile Phones" }
|
||||
"*huawei*" { return "Mobile Phones" }
|
||||
"*xiaomi*" { return "Mobile Phones" }
|
||||
"*oppo*" { return "Mobile Phones" }
|
||||
|
||||
# Printers
|
||||
"*xerox*" { return "Printers" }
|
||||
"*brother*" { return "Printers" }
|
||||
"*epson*" { return "Printers" }
|
||||
"*canon*" { return "Printers" }
|
||||
"*ricoh*" { return "Printers" }
|
||||
|
||||
# Cameras
|
||||
"*axis*" { return "Cameras" }
|
||||
"*hikvision*" { return "Cameras" }
|
||||
"*dahua*" { return "Cameras" }
|
||||
"*mobotix*" { return "Cameras" }
|
||||
"*bosch*" { return "Cameras" }
|
||||
|
||||
# IoT Devices
|
||||
"*nest*" { return "IoT Devices" }
|
||||
"*ring*" { return "IoT Devices" }
|
||||
"*sonos*" { return "IoT Devices" }
|
||||
"*philips*" { return "IoT Devices" }
|
||||
"*honeywell*" { return "IoT Devices" }
|
||||
"*amazon*" { return "IoT Devices" }
|
||||
"*google*" { return "IoT Devices" }
|
||||
|
||||
default { return "Other" }
|
||||
}
|
||||
}
|
||||
|
||||
# Get local subnet information
|
||||
$localIP = (Get-NetIPAddress | Where-Object {$_.AddressFamily -eq 'IPv4' -and $_.PrefixOrigin -eq 'Dhcp'}).IPAddress
|
||||
$subnet = $localIP -replace '\.\d+$', '.0/24'
|
||||
|
||||
# Initialize results array
|
||||
$deviceList = @()
|
||||
|
||||
# Ping sweep the network
|
||||
1..254 | ForEach-Object {
|
||||
$ip = $subnet -replace '0/24', $_
|
||||
$ping = Test-Connection -ComputerName $ip -Count 1 -ErrorAction SilentlyContinue
|
||||
|
||||
if ($ping) {
|
||||
# Get ARP entry for the IP
|
||||
$arpEntry = Get-NetNeighbor -IPAddress $ip -ErrorAction SilentlyContinue
|
||||
|
||||
if ($arpEntry -and $arpEntry.LinkLayerAddress -and $arpEntry.LinkLayerAddress -ne '000000000000') {
|
||||
$macAddress = $arpEntry.LinkLayerAddress
|
||||
$manufacturer = Get-MacVendor -MacAddress $macAddress
|
||||
$deviceName = try {
|
||||
[System.Net.Dns]::GetHostEntry($ip).HostName
|
||||
} catch {
|
||||
"Unknown"
|
||||
}
|
||||
|
||||
# Only add devices with valid MAC addresses and known manufacturers
|
||||
$deviceList += [PSCustomObject]@{
|
||||
IPAddress = $ip
|
||||
DeviceName = $deviceName
|
||||
MACAddress = $macAddress
|
||||
Manufacturer = $manufacturer
|
||||
Category = Get-DeviceCategory -Manufacturer $manufacturer -DeviceName $deviceName
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# Display results
|
||||
Write-Host "`nNetwork Scan Results:`n" -ForegroundColor Green
|
||||
$deviceList | Format-Table -AutoSize
|
||||
|
||||
# Generate and display summary
|
||||
Write-Host "`nDevice Category Summary:`n" -ForegroundColor Green
|
||||
$deviceList | Group-Object Category | Select-Object @{
|
||||
Name = 'Category'
|
||||
Expression = {$_.Name}
|
||||
}, @{
|
||||
Name = 'Count'
|
||||
Expression = {$_.Count}
|
||||
} | Format-Table -AutoSize
|
||||
|
||||
# Export results to CSV (optional)
|
||||
$deviceList | Export-Csv -Path "NetworkScan_$(Get-Date -Format 'yyyyMMdd_HHmmss').csv" -NoTypeInformation
|
||||
Loading…
Reference in New Issue