🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis →
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

nodescan

Package Overview
Dependencies
Maintainers
1
Versions
7
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

nodescan

Local network scanner with web interface

latest
Source
npmnpm
Version
0.7.1
Version published
Maintainers
1
Created
Source

Nodescan

npm npm Travis

NPM

I have a lot of things on my network and I don't even know what they are half the time. This is an alternative to fing which is pretty good, but you need to buy a license to get full control.

The main purpose of this is network recon to find and identify hosts.

Install

npm install -g

Develop

git clone https://github.com/walchko/nodescan.git
cd nodescan
npm install
npm link

OSX

brew install arp-scan

Linux

sudo apt-get install arp-scan

Usage

[kevin@Tardis nodescan]$ nodescan -h

  Usage: nodescan nodescan [options]

  Local network scanner with web interface

  Options:

    -h, --help              output usage information
    -V, --version           output the version number
    -d, --dev [interface]   network interface to use for scan, default: en1
    -l, --loc [location]    save file location, default location: ~
    -p, --port <port>       Http server port number, default: 8888
    -u, --update [seconds]  update time for arp-scan, default: 60 sec

Setup

For RPi, install this in /etc/systemd/system/nodescan.service, this will ensure it runs at start up.

[Service]
ExecStart=/usr/local/bin/nodescan -d eth0 -l /var/run
Restart=always
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=nodescan
User=root
Group=root
Environment=NODE_ENV=production

[Install]
WantedBy=multi-user.target

Then do:

sudo systemctl enable nodescan.service
sudo systemctl start nodescan.service

Now use a browser to go to <your rpi>:8888 and see the results.

You can also use sudo systemctl start|stop|status nodescan.service to start, stop, or find the current status of the server.

To Do

  • Scan hosts for open ports (easy) and figure out a smart way to put that on the web page (harder)
  • Save/recover network database from file, [having issues reading file back in]
  • Do I need to show the mac addr? Is there a better way to do that?
  • Maybe put a json interface?
  • Turn on/off web interface, then just use json to get info?
  • Add tests

Change Log

VersionDateComments
0.7.15 Nov 16Fixed file error
0.7.017 Jul 16Fixed readme
0.6.09 Jan 16Fixed MAC/IP issues with changing addresses, ensure root/sudo privileges, user define file save location
0.5.09 Jan 16Clean-up and fixes
0.4.08 Jan 16Clean-up and fixes
0.3.06 Jan 16Clean-up and fixes, still have a file error to fix
0.2.03 Jan 16Clean-up and fixes
0.1.01 Jan 16Initial commit

Keywords

arp-scan
network
scanner
nmap
mapper

FAQs

Package last updated on 05 Nov 2016

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Inside the GitHub Infrastructure Powering North Korea’s Contagious Interview npm Attacks

Research

Inside the GitHub Infrastructure Powering North Korea’s Contagious Interview npm Attacks

Socket Threat Research maps a rare inside look at OtterCookie’s npm-Vercel-GitHub chain, adding 197 malicious packages and evidence of North Korean operators.

By Kirill Boychenko  -  Nov 26, 2025
Shai Hulud Strikes Again (v2)

Research

/

Security News

Shai Hulud Strikes Again (v2)

Another wave of Shai-Hulud campaign has hit npm with more than 500 packages and 700+ versions affected.

By Socket Research Team  -  Nov 24, 2025