基于Windows的ARP攻击检测防护软件的设计模块包括:多种攻击检测,并且在遭受攻击时输出攻击类型;网络拓扑图和日志查看;扫描和保存局域网内活动主机的IP地址和MAC地址;记录攻击源的IP地址和MAC地址;并且有一定的可视化界面。需要多少个py文件?请用Python基本代码详细实现。
根据描述,这个软件需要至少包含以下几个模块:
- ARP攻击检测模块
- 网络拓扑图和日志查看模块
- 局域网扫描和保存模块
- 攻击源记录模块
- 可视化界面模块
因此,至少需要5个py文件来实现这个软件。
以下是一个简单的实现示例:
- arp_detection.py
import scapy.all as scapy
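def detect_arp_attack(target_ip):
    """Actively probe ``target_ip`` and report signs of ARP spoofing.

    One broadcast ARP who-has request is sent for ``target_ip`` and every
    reply received within the timeout is inspected. A reply is treated as
    suspicious when

    * more than one distinct MAC address claims ``target_ip``, or
    * the sender MAC inside the ARP payload differs from the source MAC of
      the Ethernet frame that carried the reply.

    Args:
        target_ip: IPv4 address (string) of the host to check.

    Returns:
        True if at least one suspicious reply was seen, otherwise False.
        Every suspicious MAC address is also printed.

    Note:
        This is a single active probe. A spoofer that stays silent during the
        one-second window is not seen, so comparing replies against a trusted
        IP-to-MAC baseline remains a useful complement.
    """
    request = scapy.Ether(dst="ff:ff:ff:ff:ff:ff") / scapy.ARP(pdst=target_ip)
    # multi=True keeps every reply to the one request instead of only the
    # first, which is what makes conflicting answers visible.
    answered, _unanswered = scapy.srp(
        request, timeout=1, verbose=False, multi=True
    )

    claimed_macs = set()
    suspicious_macs = set()
    for _sent, reply in answered:
        if not reply.haslayer(scapy.ARP):
            continue
        arp_layer = reply[scapy.ARP]
        if arp_layer.psrc != target_ip:
            continue
        mac = arp_layer.hwsrc.lower()
        claimed_macs.add(mac)
        # Do NOT compare against the MAC in our own request: that differs for
        # every healthy host and would flag each normal reply as an attack.
        # Compare the ARP payload with the frame that actually carried it.
        if reply.haslayer(scapy.Ether) and reply[scapy.Ether].src.lower() != mac:
            suspicious_macs.add(mac)

    # Two different MACs answering for one IP means at least one is lying
    # (or the address is duplicated); report all of them for triage.
    if len(claimed_macs) > 1:
        suspicious_macs |= claimed_macs

    for mac in sorted(suspicious_macs):
        print("[+] ARP attack detected: " + mac)
    return bool(suspicious_macs)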
- network_topology.py
import networkx as nx
import matplotlib.pyplot as plt
def draw_network_topology():
    """Draw a fixed sample topology (router, two switches, four PCs).

    The links are hard-coded; nothing here is derived from a LAN scan.
    The figure is shown in a blocking matplotlib window.
    """
    links = [
        ("Router", "Switch1"),
        ("Router", "Switch2"),
        ("Switch1", "PC1"),
        ("Switch1", "PC2"),
        ("Switch2", "PC3"),
        ("Switch2", "PC4"),
    ]
    graph = nx.Graph()
    graph.add_edges_from(links)

    # Compute the layout once so nodes, edges and labels line up.
    layout = nx.spring_layout(graph)
    nx.draw_networkx_nodes(graph, layout, node_color="white")
    nx.draw_networkx_edges(graph, layout)
    nx.draw_networkx_labels(graph, layout)
    plt.show()
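def view_logs():
    """Print the contents of ``arp_attack_logs.txt`` to standard output.

    The log file is only created once an attack source has been recorded,
    so a missing file is reported as "no logs yet" instead of raising
    FileNotFoundError.
    """
    try:
        with open("arp_attack_logs.txt", "r") as f:
            logs = f.read()
    except FileNotFoundError:
        print("No ARP attack logs recorded yet.")
        return
    print(logs)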
- lan_scan.py
import os
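def scan_lan():
    """Return the IP addresses of the dynamic entries in the local ARP cache.

    ``arp -a`` is run directly (no shell, no scratch file) and its output is
    parsed line by line. Only lines containing the word "dynamic" are used.

    Returns:
        A list of IP address strings, in the order ``arp -a`` printed them.
        The list is empty if the command cannot be run or yields no
        dynamic entries.
    """
    import ipaddress
    import subprocess

    try:
        # An argument list avoids handing a command string to the shell.
        completed = subprocess.run(
            ["arp", "-a"],
            capture_output=True,
            text=True,
            errors="replace",
            check=False,
        )
    except OSError:
        # ``arp`` is missing or cannot be started: report no hosts.
        return []

    ip_list = []
    for line in completed.stdout.splitlines():
        # NOTE(review): the keyword is matched literally; a localized Windows
        # build may print a translated type column - confirm on the target.
        if "dynamic" not in line:
            continue
        fields = line.split()
        # Windows prints "Internet Address / Physical Address / Type", so the
        # IP is the FIRST column; the second column is the MAC address.
        candidate = fields[0]
        try:
            ipaddress.ip_address(candidate)
        except ValueError:
            # Not an address (header or unexpected format): skip the line.
            continue
        ip_list.append(candidate)
    return ip_list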
- attack_source.py
def record_attack_source(ip, mac):
    """Append one attack-source entry to ``arp_attack_logs.txt``.

    Args:
        ip: IP address of the suspected source, as a string.
        mac: MAC address of the suspected source, as a string.
    """
    # NOTE: entries carry no timestamp, so the log alone cannot order or
    # date the recorded events.
    with open("arp_attack_logs.txt", "a") as log_file:
        entry = "".join(("Attack source: IP = ", ip, ", MAC = ", mac, "\n"))
        log_file.write(entry)
- gui.py
from tkinter import *
import arp_detection
import network_topology
import lan_scan
import attack_source
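def detect_attack():
    """Button handler: check the entered IP for ARP spoofing and log a hit.

    Reads the target address from ``target_ip_entry``, rejects anything that
    is not a single IPv4 address, runs the detection and shows the outcome in
    ``result_label``. A positive result is appended to the attack log.
    """
    import ipaddress

    ip = target_ip_entry.get().strip()
    try:
        # ARP is IPv4-only; validating here also keeps stray text (including
        # line breaks) out of the probe and out of the attack log.
        ipaddress.IPv4Address(ip)
    except ValueError:
        result_label.config(text="Invalid target IP address.")
        return

    if arp_detection.detect_arp_attack(ip):
        result_label.config(text="ARP attack detected!")
        # detect_arp_attack() returns only a boolean, so the offending MAC is
        # not available in this scope (the original referenced an undefined
        # ``mac`` and raised NameError). Record a placeholder until the
        # detection API hands the MAC back to its caller.
        mac = "unknown"
        attack_source.record_attack_source(ip, mac)
    else:
        result_label.config(text="No ARP attack detected.")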
def view_topology():
    """Button handler: open the network topology drawing."""
    render = network_topology.draw_network_topology
    render()
def view_logs():
    """Button handler: print the recorded attack log."""
    show_logs = network_topology.view_logs
    show_logs()
def scan_lan():
    """Button handler: scan the LAN and save the result to ``lan_hosts.txt``.

    The file is overwritten on every scan and holds one address per line.
    """
    discovered = lan_scan.scan_lan()
    with open("lan_hosts.txt", "w") as hosts_file:
        hosts_file.writelines(address + "\n" for address in discovered)
    result_label.config(text="LAN scan complete.")
# Main window.
root = Tk()
root.title("ARP Attack Detection and Prevention")

# Widgets are created in the same order as before so that the keyboard
# focus order stays unchanged; placement on the grid follows below.
target_ip_label = Label(root, text="Target IP:")
target_ip_entry = Entry(root)
detect_button = Button(root, command=detect_attack, text="Detect Attack")
view_topology_button = Button(
    root, command=view_topology, text="View Network Topology"
)
view_logs_button = Button(root, command=view_logs, text="View Logs")
scan_lan_button = Button(root, command=scan_lan, text="Scan LAN")
result_label = Label(root, text="")

# Row 0: target address input.
target_ip_label.grid(column=0, row=0)
target_ip_entry.grid(column=1, row=0)

# Rows 1-2: action buttons.
detect_button.grid(column=0, row=1)
view_topology_button.grid(column=1, row=1)
view_logs_button.grid(column=0, row=2)
scan_lan_button.grid(column=1, row=2)

# Row 3: status line spanning both columns.
result_label.grid(column=0, row=3, columnspan=2)

# Hand control to Tk; this call blocks until the window is closed.
root.mainloop()
以上代码只是一个简单的示例,实际实现中还需要根据具体需求进行修改和完善。例如,示例中的网络拓扑图是写死的,并非根据扫描结果生成;检测功能也只是对单个目标IP做一次主动探测。