You check your data usage and it is higher than expected for how little you have been online. Or you just moved into a new place and the previous tenant almost certainly kept the old WiFi password. Or a neighbor mentioned something that made you wonder whether they have ever been on your network. Whatever the reason, you want a list of every device connected to your WiFi right now.

The instinct most people have is to log into the router admin panel. Type 192.168.1.1 into a browser, find the connected devices section, and you get a table of MAC addresses and generic hostnames that do not tell you much. It works, after a fashion, but it is tied to your specific router's interface and only shows devices that have an active DHCP lease.

The cleaner approach is to scan directly from your Android phone using an ARP scanner. This gives you a real-time view of every device on the subnet - IP address, MAC address, vendor name, hostname - without needing router credentials and without the limitations of the DHCP lease table. Here is how to do it.

Why Your WiFi Might Have Unknown Devices on It

Most home WiFi networks accumulate more connected devices than the owner actively tracks. Smart TVs, streaming sticks, game consoles, a tablet that auto-reconnects, a printer that has been on the network since the previous decade, smart speakers, thermostats, robot vacuums. None of this is necessarily a problem, but it is noise that makes it harder to notice something that should not be there.

The more serious scenario is a device that got onto the network without your permission. A previous tenant who kept the password. A guest who shared it without asking. In some cases, a network that was still running on a weak or default passphrase. These devices consume your bandwidth and data, and you have zero insight into what they are doing on the local network.

One thing most router admin panels miss: they only show devices that currently have an active DHCP lease. A device that configured itself with a static IP address - manually set, not assigned by your router - may not appear in that list at all. A proper ARP scanner sends requests to every IP address in the subnet range and listens for replies, so it finds everything that is actually present, regardless of how it obtained its address.

What Android Can Tell You Natively

Android does not include a built-in network scanner. The Settings app will tell you your own IP address, gateway, DNS servers, signal strength, and MAC address. It shows nothing about other devices on the same network. That is a different operation entirely, one that requires sending packets and listening for responses across the subnet.

To discover neighboring devices, you need an app that can issue ARP (Address Resolution Protocol) requests. ARP is the mechanism by which devices on a local network map IP addresses to MAC addresses. An app that probes each address in the range and collects replies can build a real-time map of everything active on the network. Android permits this from regular user space, so root is not required.

How to Scan Your WiFi with Network Toolkit

Get Network Toolkit on Google Play and make sure your phone is connected to the WiFi network you want to inspect. The scanner can only see the network it is on.

  1. Open Network Toolkit after installing. From the home screen, tap the WiFi Scanner or Network Scanner option.
  2. Tap Scan to begin. The app will probe your entire subnet - typically a /24 range like 192.168.1.0/24 or 192.168.0.0/24 - using ARP requests.
  3. Watch devices populate the results list as they respond. A typical home network scan completes in 15 to 45 seconds.
  4. Review each result. For every device you will see: IP address, MAC address, hostname (if the device broadcasts one), and vendor name (derived from the MAC OUI prefix).
  5. Tap any device in the list for a detail view. From there you can ping the device to confirm it is actively responding, or run a port scan to see which services it is exposing.
  6. Go through every result and match it to a device you recognize. Your own phone will be in the list. So will your router, your laptop, your smart TV, your streaming stick, your printer. Anything left over is either a device you forgot about or something worth a closer look.
  7. If you find a device you cannot account for, write down its MAC address and vendor name before taking any action. You will need those details.

No router credentials, no complicated configuration.

What the Scan Results Actually Mean

The two most useful fields in a scan result are the hostname and the vendor name.

Hostname: Many devices broadcast a readable name on the local network. A Windows PC might appear as DESKTOP-XXXXXX or whatever name was set during setup. Smart home devices often use names like "Philips-Hue-Bridge" or "Echo-4th-Gen". If a device shows no hostname at all, that is worth noting - many cheap IoT devices and some phones do not broadcast one.

Vendor name: The first six hex digits of any MAC address are the OUI (Organizationally Unique Identifier), registered to the manufacturer. "Samsung Electronics" tells you it is a Samsung device. "Espressif Inc." means an ESP8266 or ESP32-based device, common in both commercial IoT products and DIY projects. "Raspberry Pi Foundation" means someone has a Pi on your network. An unknown vendor almost always means MAC address randomization is in play, not necessarily an intruder.

IP address: Your router hands out IPs from a DHCP pool, usually starting at .100 or .2 and going up. A device sitting at an address outside that pool, or at a very high number like .200 when your pool ends at .150, may have set a static IP manually. Interesting to note, though not automatically suspicious.

MAC randomization: Modern Android phones use a randomized MAC address per network to prevent device tracking. This means your own phone might show up as unknown vendor in a scan from another device. Do not treat every unknown vendor as evidence of an intruder - account for your own devices first.

Comparing Methods for Seeing Who Is on Your WiFi

MethodRequires Router LoginFinds Static IP DevicesWorks from Phone
Router admin panel (192.168.1.1)YesSometimesYes, via browser
Android ARP scanner (Network Toolkit)NoYesYes
ISP router mobile appYes (ISP account)SometimesYes
nmap on a desktopNoYesNo
Dedicated hardware monitorNoYesYes (via app)

For a first check on your home network with no setup required, the Android ARP scanner is the obvious starting point. You are already on the network, and the app needs nothing else to run.

What to Do After Spotting an Unknown Device

Work through this checklist before assuming the worst.

Account for all your devices first. List every WiFi-capable device in your home: phones, laptops, tablets, smart TV, streaming sticks, game consoles, WiFi printer, smart speakers, smart plugs, thermostats, doorbell camera, robot vacuum, WiFi light switches. Most people have more than they expect. Match each scan result to something on that list using vendor names and hostnames as clues.

Cross-reference the vendor names. "Amazon Technologies" is almost certainly an Echo, Kindle, or Fire device. "Nintendo" is obvious. "Sonos" is a Sonos speaker. "TP-Link" might be a range extender you forgot you installed. Go through every vendor before flagging anything as suspicious.

If you still have something unaccounted for, change your WiFi password immediately. Log into your router, go to the wireless settings, and change the WPA2 or WPA3 passphrase. Every device on the network gets dropped and must reconnect with the new password. Your devices reconnect when you re-enter the new password on them. Unauthorized devices cannot reconnect.

Rescan after the change. If the device disappears, it was using your old password and is now locked out. If it reappears, either someone you trusted re-shared the new password, or WPS is enabled on your router. WPS (WiFi Protected Setup) is a known vulnerability that lets devices connect using a PIN rather than the full passphrase. Disable WPS in your router settings - it is rarely needed and poses unnecessary risk.

Network Toolkit makes this whole process straightforward from your phone. Download it, connect to your WiFi, and you will have a full device list in under two minutes.

Frequently Asked Questions

Q: Do I need root to scan my WiFi on Android? A: No. ARP scanning works from regular user space on Android. Network Toolkit does not require root access for the WiFi scanner. Root is only needed for lower-level operations like raw packet capture, which is a different use case entirely.

Q: Why does my router admin panel show different devices than the scanner? A: The router panel shows devices that have an active DHCP lease, including recently disconnected devices whose lease has not yet expired. The ARP scanner shows devices that are actively present on the network and responding to probes right now. The scanner gives you the more current, accurate picture of who is actually online.

Q: Can I scan a network I am not connected to? A: No, and that is by design. ARP is a Layer 2 protocol that only works within the local broadcast domain of the network your device is on. You cannot scan a neighbor's network or any remote network. To scan a network, you need to be connected to it.

Q: A device shows as unknown vendor. Is that automatically suspicious? A: Not necessarily. Modern Android phones use per-network randomized MAC addresses to prevent tracking. That randomized MAC does not match any registered OUI, so it shows up as unknown vendor. If you account for all your Android devices and still have unknown vendor entries, then yes, investigate further.

Q: I changed my password but the same device came back on the new network. Why? A: Check whether WPS (WiFi Protected Setup) is enabled on your router. WPS allows a device to join a network using a PIN, bypassing the password entirely. If WPS is on, a device that knows the PIN can reconnect regardless of password changes. Disable WPS in your router settings.

Q: How often should I scan my home network? A: There is no fixed rule. Scanning after initial setup, after having guests over who used your WiFi, and any time you notice your data usage seems higher than expected covers most situations. A monthly check is a reasonable routine.

Q: Is it legal to scan my own WiFi network? A: Yes, scanning a network you own or have explicit permission to scan is entirely legal. Using a scanner on a network you do not own or have authorization to test is illegal under computer fraud and unauthorized access laws in most jurisdictions.