Scapy
Scapy is a powerful Python-based interactive packet manipulation program and library.
It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, store or read them using pcap files, match requests and replies, and much more. It is designed to allow fast packet prototyping by using default values that work.
It can easily handle most classical tasks like scanning, tracerouting, probing,
unit tests, attacks or network discovery (it can replace hping, 85% of nmap,
arpspoof, arp-sk, arping, tcpdump, wireshark, p0f, etc.). It also
performs very well at a lot of other specific tasks that most other tools can't
handle, like sending invalid frames, injecting your own 802.11 frames, combining
techniques (VLAN hopping+ARP cache poisoning, VoIP decoding on WEP protected
channel, ...), etc.
Scapy supports Python 3.7+. It's intended to be cross platform, and runs on many different platforms (Linux, OSX, *BSD, and Windows).
Scapy is usable either as a shell or as a library. For further details, please head over to Getting started with Scapy, which is part of the documentation.
Scapy can easily be used as an interactive shell to interact with the network.
The following example shows how to send an ICMP Echo Request message to
github.com, then display the reply source IP address:
sudo ./run_scapy
Welcome to Scapy
>>> p = IP(dst="github.com")/ICMP()
>>> r = sr1(p)
Begin emission:
.Finished to send 1 packets.
*
Received 2 packets, got 1 answers, remaining 0 packets
>>> r[IP].src
'192.30.253.113'
The documentation contains more advanced use cases, and examples.
Other useful resources:
Scapy works without any external Python modules on Linux and BSD like operating systems. On Windows, you need to install some mandatory dependencies as described in the documentation.
On most systems, using Scapy is as simple as running the following commands:
git clone https://github.com/secdev/scapy
cd scapy
./run_scapy
To benefit from all Scapy features, such as plotting, you might want to install
Python modules, such as matplotlib or cryptography. See the
documentation and
follow the instructions to install them.
FAQs
Scapy: interactive packet manipulation tool
We found that scapy demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.