drop multiple arp table dumps or pcap with arp traffic · reconstruct the history of which mac was at which ip · detect mac address changes indicating spoofing or device swap · identify arp poisoning attempts · runs locally
arp sources
drop arp dumps / pcap
or click
windows arp -a · linux ip neigh · gratuitous ARP in pcap
drop arp -a dumps and/or pcap with ARP traffic