284 lines
8.1 KiB
PowerShell
284 lines
8.1 KiB
PowerShell
# MAC OUI Database (shortened for example, add more as needed)
|
|
$ouiDatabase = @{
|
|
'000000' = 'Xerox'
|
|
'000001' = 'Xerox'
|
|
'000002' = 'Xerox'
|
|
'000003' = 'Xerox'
|
|
'000004' = 'Xerox'
|
|
'000005' = 'Xerox'
|
|
'000006' = 'Xerox'
|
|
'00005E' = 'IANA'
|
|
'000105' = 'Cisco'
|
|
'000130' = 'Hewlett Packard'
|
|
'000156' = 'Cisco'
|
|
'000163' = 'Cisco'
|
|
'000164' = 'Cisco'
|
|
'000196' = 'Cisco'
|
|
'000197' = 'Cisco'
|
|
'0001C7' = 'Cisco'
|
|
'0001C9' = 'Cisco'
|
|
'000393' = 'Apple'
|
|
'000502' = 'Apple'
|
|
'000883' = 'Hewlett Packard'
|
|
'000A27' = 'Apple'
|
|
'000A95' = 'Apple'
|
|
'000D93' = 'Apple'
|
|
'000E7F' = 'Hewlett Packard'
|
|
'001018' = 'Broadcom'
|
|
'001094' = 'Apple'
|
|
'0011D8' = 'Dell'
|
|
'001225' = 'Dell'
|
|
'001279' = 'Cisco'
|
|
'001321' = 'Hewlett Packard'
|
|
'001408' = 'Zyxel'
|
|
'001500' = 'Dell'
|
|
'001635' = 'Cisco'
|
|
'001765' = 'Cisco'
|
|
'0019E3' = 'Apple'
|
|
'001B63' = 'Apple'
|
|
'001CC4' = 'Dell'
|
|
'001E8C' = 'Dell'
|
|
'002248' = 'Dell'
|
|
'002269' = 'Honeywell'
|
|
'00236C' = 'Apple'
|
|
'002500' = 'Apple'
|
|
'002538' = 'Samsung'
|
|
'0025BC' = 'Dell'
|
|
'002655' = 'Hewlett Packard'
|
|
'00306E' = 'Hewlett Packard'
|
|
'0050BA' = 'D-Link'
|
|
'006008' = 'D-Link'
|
|
'006097' = 'Dell'
|
|
'008865' = 'Yealink'
|
|
'00A050' = 'Cisco'
|
|
'080027' = 'Oracle'
|
|
'085700' = 'Dell'
|
|
'086266' = 'Yealink'
|
|
'10F005' = 'Cisco'
|
|
'14DAE9' = 'Dell'
|
|
'1803BB' = 'Hikvision'
|
|
'1C1B0D' = 'Yealink'
|
|
'28C68E' = 'NETGEAR'
|
|
'3497F6' = 'Dell'
|
|
'40B034' = 'Hikvision'
|
|
'44A689' = 'Hikvision'
|
|
'4C34BB' = 'Hikvision'
|
|
'54BF64' = 'Dell'
|
|
'588BF3' = 'Zyxel'
|
|
'5C260A' = 'Dell'
|
|
'64006A' = 'Dell'
|
|
'6C2B59' = 'Dell'
|
|
'70105C' = 'Cisco'
|
|
'742344' = 'Yealink'
|
|
'74E6E2' = 'Dell'
|
|
'847BEB' = 'Dell'
|
|
'8C89A5' = 'Dell'
|
|
'A01D48' = 'Dell'
|
|
'A4251B' = 'Avaya'
|
|
'A4BB6D' = 'Dell'
|
|
'B078F0' = 'Dell'
|
|
'B4E10F' = 'Dell'
|
|
'B80CD6' = 'Yealink'
|
|
'C80AA9' = 'Yealink'
|
|
'D067E5' = 'Dell'
|
|
'D4AE52' = 'Dell'
|
|
'D89EF3' = 'Dell'
|
|
'E0DB55' = 'Dell'
|
|
'E4F004' = 'Dell'
|
|
'E8B27C' = 'Dell'
|
|
'F04DA2' = 'Dell'
|
|
'F48E38' = 'Dell'
|
|
'F8B156' = 'Dell'
|
|
'F8BC12' = 'Dell'
|
|
'FC15B4' = 'Dell'
|
|
}
|
|
|
|
# Function to get MAC vendor from MAC address using our database
|
|
function Get-MacVendor {
|
|
param (
|
|
[string]$MacAddress
|
|
)
|
|
|
|
# Clean the MAC address and get first 6 characters
|
|
$oui = ($MacAddress -replace '[-:\.]', '').Substring(0, 6).ToUpper()
|
|
|
|
# Look up the manufacturer in our database
|
|
if ($ouiDatabase.ContainsKey($oui)) {
|
|
return $ouiDatabase[$oui]
|
|
}
|
|
return "Unknown"
|
|
}
|
|
|
|
# Function to categorize devices based on manufacturer
|
|
function Get-DeviceCategory {
|
|
param (
|
|
[string]$Manufacturer,
|
|
[string]$DeviceName
|
|
)
|
|
|
|
switch -Wildcard ($Manufacturer.ToLower()) {
|
|
# Network Infrastructure
|
|
"*cisco*" { return "Network Infrastructure" }
|
|
"*juniper*" { return "Network Infrastructure" }
|
|
"*aruba*" { return "Network Infrastructure" }
|
|
"*ubiquiti*" { return "Network Infrastructure" }
|
|
"*netgear*" { return "Network Infrastructure" }
|
|
"*d-link*" { return "Network Infrastructure" }
|
|
"*tp-link*" { return "Network Infrastructure" }
|
|
"*zyxel*" { return "Network Infrastructure" }
|
|
"*meraki*" { return "Network Infrastructure" }
|
|
"*fortinet*" { return "Network Infrastructure" }
|
|
|
|
# VoIP Phones
|
|
"*yealink*" { return "VoIP Phones" }
|
|
"*polycom*" { return "VoIP Phones" }
|
|
"*avaya*" { return "VoIP Phones" }
|
|
"*cisco-phone*" { return "VoIP Phones" }
|
|
"*grandstream*" { return "VoIP Phones" }
|
|
|
|
# Computers/Servers
|
|
"*dell*" { return "Computers/Servers" }
|
|
"*hp*" {
|
|
if ($DeviceName -like "*printer*") { return "Printers" }
|
|
return "Computers/Servers"
|
|
}
|
|
"*lenovo*" { return "Computers/Servers" }
|
|
"*oracle*" { return "Computers/Servers" }
|
|
"*vmware*" { return "Computers/Servers" }
|
|
|
|
# Mobile Devices
|
|
"*apple*" {
|
|
if ($DeviceName -like "*iphone*") { return "Mobile Phones" }
|
|
return "Computers/Servers"
|
|
}
|
|
"*samsung*" { return "Mobile Phones" }
|
|
"*huawei*" { return "Mobile Phones" }
|
|
"*xiaomi*" { return "Mobile Phones" }
|
|
"*oppo*" { return "Mobile Phones" }
|
|
|
|
# Printers
|
|
"*xerox*" { return "Printers" }
|
|
"*brother*" { return "Printers" }
|
|
"*epson*" { return "Printers" }
|
|
"*canon*" { return "Printers" }
|
|
"*ricoh*" { return "Printers" }
|
|
|
|
# Cameras
|
|
"*axis*" { return "Cameras" }
|
|
"*hikvision*" { return "Cameras" }
|
|
"*dahua*" { return "Cameras" }
|
|
"*mobotix*" { return "Cameras" }
|
|
"*bosch*" { return "Cameras" }
|
|
|
|
# IoT Devices
|
|
"*nest*" { return "IoT Devices" }
|
|
"*ring*" { return "IoT Devices" }
|
|
"*sonos*" { return "IoT Devices" }
|
|
"*philips*" { return "IoT Devices" }
|
|
"*honeywell*" { return "IoT Devices" }
|
|
"*amazon*" { return "IoT Devices" }
|
|
"*google*" { return "IoT Devices" }
|
|
|
|
default { return "Other" }
|
|
}
|
|
}
|
|
|
|
# Function to get MAC vendor from MAC address using our database
|
|
function Get-MacVendor {
|
|
param (
|
|
[string]$MacAddress
|
|
)
|
|
|
|
# Clean the MAC address and get first 6 characters
|
|
$oui = ($MacAddress -replace '[-:\.]', '').Substring(0, 6).ToUpper()
|
|
|
|
# Look up the manufacturer in our database
|
|
if ($ouiDatabase.ContainsKey($oui)) {
|
|
return $ouiDatabase[$oui]
|
|
}
|
|
return "Unknown"
|
|
}
|
|
|
|
# Function to categorize devices (kept same as previous version)
|
|
function Get-DeviceCategory {
|
|
param (
|
|
[string]$Manufacturer,
|
|
[string]$DeviceName
|
|
)
|
|
# ... (previous categorization logic) ...
|
|
}
|
|
|
|
# Get local subnet information
|
|
$localIP = (Get-NetIPAddress | Where-Object {$_.AddressFamily -eq 'IPv4' -and $_.PrefixOrigin -eq 'Dhcp'}).IPAddress
|
|
$subnet = $localIP -replace '\.\d+$', ''
|
|
|
|
# Fast parallel ping sweep to populate ARP cache
|
|
Write-Host "Performing rapid ping sweep..." -ForegroundColor Yellow
|
|
$pingJobs = 1..254 | ForEach-Object {
|
|
$ip = "$subnet.$_"
|
|
Start-Job -ScriptBlock {
|
|
param($ip)
|
|
Test-Connection -ComputerName $ip -Count 1 -ErrorAction SilentlyContinue
|
|
} -ArgumentList $ip
|
|
}
|
|
|
|
# Wait for all pings to complete
|
|
Wait-Job $pingJobs | Out-Null
|
|
Remove-Job $pingJobs
|
|
|
|
# Short delay to ensure ARP cache is updated
|
|
Start-Sleep -Seconds 2
|
|
|
|
# Get ARP cache
|
|
Write-Host "Retrieving network information..." -ForegroundColor Yellow
|
|
$arpCache = Get-NetNeighbor | Where-Object {
|
|
$_.State -ne 'Unreachable' -and
|
|
$_.LinkLayerAddress -ne '000000000000' -and
|
|
$_.LinkLayerAddress -ne $null
|
|
}
|
|
|
|
# Initialize results array
|
|
$deviceList = @()
|
|
|
|
# Process each valid ARP entry
|
|
foreach ($entry in $arpCache) {
|
|
if ($entry.LinkLayerAddress) {
|
|
$ip = $entry.IPAddress
|
|
$macAddress = $entry.LinkLayerAddress
|
|
|
|
# Only process if MAC address is valid (not zeros)
|
|
if ($macAddress -ne '000000000000') {
|
|
$manufacturer = Get-MacVendor -MacAddress $macAddress
|
|
$deviceName = try {
|
|
[System.Net.Dns]::GetHostEntry($ip).HostName
|
|
} catch {
|
|
"Unknown"
|
|
}
|
|
|
|
$deviceList += [PSCustomObject]@{
|
|
IPAddress = $ip
|
|
DeviceName = $deviceName
|
|
MACAddress = $macAddress
|
|
Manufacturer = $manufacturer
|
|
Category = Get-DeviceCategory -Manufacturer $manufacturer -DeviceName $deviceName
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
# Display results
|
|
Write-Host "`nNetwork Scan Results:`n" -ForegroundColor Green
|
|
$deviceList | Format-Table -AutoSize
|
|
|
|
# Generate and display summary
|
|
Write-Host "`nDevice Category Summary:`n" -ForegroundColor Green
|
|
$deviceList | Group-Object Category | Select-Object @{
|
|
Name = 'Category'
|
|
Expression = {$_.Name}
|
|
}, @{
|
|
Name = 'Count'
|
|
Expression = {$_.Count}
|
|
} | Format-Table -AutoSize
|
|
|
|
# Export results to CSV (optional)
|
|
$deviceList | Export-Csv -Path "NetworkScan_$(Get-Date -Format 'yyyyMMdd_HHmmss').csv" -NoTypeInformation |