Questions tagged [scapy]

Scapy is a network packet manipulation tool for use with Python.

What is Scapy?

Scapy is a network packet manipulation program for use with Python. It is able to:

forge or decode packets of a wide number of protocols
send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery. (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc.)

What makes scapy different from most other networking tools?

You can build whatever packets you want, stack ARP on top of 802.11, use double 802.1q encapsulation or send an ICMP packet with padding, and send them over the wire.
Scapy does not interpret answers: unlike most tools, it won't say “this port is open” instead of “I received a SYN-ACK”. You are free to interpret the packets as you want
It reports everything: you see the padding, the reserved fields... Nothing is dismissed

Useful links:

Website: Scapy Project
Documentation: Read Scapy's documentation on ReadTheDocs
Issue Tracker: Scapy on Github
Scapy Chat: Scapy on Gitter

2198 questions

votes

1 answer

Scapy: Adding new protocol with complex field groupings

I'm trying to specify a new packet format using scapy. In the packet there is a list of items, and items consist of "grouped fields". By "grouped fields" I mean a sub-sequence of fields of different types. The only way of making "grouped fields"…

python scapy

asked Nov 10 '11 at 00:11

Oleksiy

6,337
5
41
58

votes

3 answers

PyX not installed correctly when using scapy

I am trying to use scapy in python 3.6 to parse pcap files, and of the features I am trying to use is pdfdump. from scapy.all import * packets = rdpcap('***path***/nitroba.pcap') for packet in packets[0:1]: …

python python-3.x scapy pdflatex pyx

asked Jun 18 '18 at 16:43

SockworkOrange

votes

2 answers

How to get my own local IP using scapy?

I couldn't find a way to find my local IP address using ONLY scapy (and not the Python's stdlib). The only workaround I found is sending a dummy package and using it to retrieve the address from the source field, but I don't feel like it is a good…

python ip scapy

asked Feb 28 '18 at 12:34

dec0de_d00dle

votes

0 answers

How to extract payload information and inbound/outbound ratio of packets from a pcap file?

I have a very large pcap file and I am looking to create a script to give me (in addition to the attributes that wireshark gives me), the payload and inbound/outbound ration of packets. I was thinking to use something like this below but I am not…

scapy pcap packet-capture

asked Feb 20 '18 at 11:19

user3755632

votes

1 answer

iterate through pcap file packet for packet using python/scapy

I want to iterate through a pcap file packet for packet using python/scapy. The file has multiple protocols. Current the iteration is protocol-specific, so the iteration makes a "jump" if the next packet is from another protocol. I don't know why it…

python-2.7 scapy pcap

asked Jun 08 '17 at 16:10

crappidy

votes

1 answer

parse pcap file with scapy

I am comparing scapy and dpkt in terms of speed. I have a directory with pcap files which I parse and count the http requests in each file. Here's the scapy code : import time from scapy.all import * def parse(f): x = 0 pcap = rdpcap(f) for p in…

python python-2.7 parsing scapy dpkt

asked Jan 16 '17 at 16:20

svink

votes

1 answer

Python scan for WiFi

I was searching for a program that can scan for WiFi networks and print all of the SSIDs. I tried with scapy but I failed. I am using the pyCharm editor. I tried this code: from scapy.all import * from scapy.layers.dot11 import Dot11 def…

python wifi python-3.5 scapy sniffer

asked Sep 24 '16 at 18:03

Luca dall'aglio

votes

1 answer

Why do my ath9k generated RadioTap headers seems malformed?

I'm collecting 802.11 packets using scapy on Ubuntu 16.04 (4.4 kernel). The RadioTap headers for my packets have the following present flags: present=TSFT+Flags+Rate+Channel+dBm_AntSignal+b14+b29+Ext Given the description of RadioTap, I would…

linux-device-driver scapy radiotap

asked Feb 26 '16 at 02:29

Rich Henry

1,837
15
25

votes

4 answers

Raw load found, how to access?

To start off, I have read through other raw answers pertaining to scapy on here, however none have been useful, maybe I am just doing something wrong and thats what has brought me here today. So, for starters, I have a pcap file, which started…

python scapy payload

asked Dec 15 '15 at 15:34

Colabambino

votes

2 answers

Writing to a pcap with scapy

I'm trying to write to a pcap file once I filter out all NBNS traffic. This is giving me a syntax error. from scapy.all import * Capture = raw_input("Enter file path of pcap file: " ) pcap = rdpcap(Capture) ports=137 filtered = (pkt for pkt in…

python pcap scapy

asked Nov 16 '15 at 16:55

Julie Brady

votes

3 answers

Scapy - the interface of a sniffed packet

I'm sniffing with scapy 2.2 on Windows 7 with Python 2.6. Is there a way I can recognize the interface of a sniffed packet? I thought about using the mac address to identify it, but is there a way to do it with scapy? something like this (doesn't…

python interface scapy

asked May 17 '15 at 09:39

ori

votes

2 answers

Get info string from scapy packet

I am using scapy 2.3.1-dev non-interactively (i.e. as a library) in a tool I am building. I would like to get a string of human-readable information about a packet, such as you get from scapy.all.Packet.show(). I have tried using all three of the…

python python-2.7 scapy

asked Mar 26 '15 at 21:05

nik

votes

3 answers

HTTP GET packet sniffer in Scapy

I am trying to code a simple sniffer in Scapy, which only prints HTTP packets with GET method only. Here's the code: #!/usr/bin/python from scapy.all import * def http_header(packet): http_packet=str(packet) if…

python http scapy sniffer

asked Dec 18 '14 at 16:32

Muhammad Suleman

votes

1 answer

New to scapy. Trying to understand the sr()

I am new to scapy and I am trying to use the sr and sr1 functions to understand their workings. I was trying to craft the following packet and I see that it has sent 1 packet but it says that it has received 581 packets. Can someone please help me…

python scapy

asked Sep 22 '14 at 18:25

Pradeep

votes

3 answers

Sending DHCP Discover using python scapy

I am new to python and learning some network programming, I wish to send an DHCP Packet through my tap interface to my DHCP server and expecting some response from it. I tried with several packet building techniques such a structs and ctypes and…

python network-programming scapy dhcp

asked Aug 04 '14 at 17:42

BeingNerd

Prev 1 2 3

…

99 100 Next