Questions tagged [scapy]

Scapy is a network packet manipulation tool for use with Python.

What is Scapy?

Scapy is a network packet manipulation program for use with Python. It is able to:

forge or decode packets of a wide number of protocols
send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery. (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc.)

What makes scapy different from most other networking tools?

You can build whatever packets you want, stack ARP on top of 802.11, use double 802.1q encapsulation or send an ICMP packet with padding, and send them over the wire.
Scapy does not interpret answers: unlike most tools, it won't say “this port is open” instead of “I received a SYN-ACK”. You are free to interpret the packets as you want
It reports everything: you see the padding, the reserved fields... Nothing is dismissed

Useful links:

Website: Scapy Project
Documentation: Read Scapy's documentation on ReadTheDocs
Issue Tracker: Scapy on Github
Scapy Chat: Scapy on Gitter

2198 questions

votes

2 answers

Calculate bandwidth usage per IP with scapy, iftop-style

I'm using scapy to sniff a mirror port and generate a list of the top 10 "talkers", i.e. a list of hosts using the most bandwidth on my network. I'm aware of tools already available such as iftop and ntop, but I need more control over the…

asked Jan 13 '14 at 15:32

Banjer

8,118
5
46
61

votes

1 answer

Get IP addresses from PCAP file in scapy

Is there a smart and fast way to get all IP addresses from a PCAP file? I need only (destination address, source address) tuples. Currently I'm using Scapy's rdpcap function like this: from scapy.all import * pcap = rdpcap('file.pcap') ips =…

optimization pcap scapy

asked Nov 20 '13 at 10:23

reox

5,036
11
53
98

votes

1 answer

Scapy PcapReader and packets time

I'm reading a PCAP file using Scapy using a script such as the (semplified) following one: #! /usr/bin/env python from scapy.all import * # ... myreader = PcapReader(myinputfile) for p in myreader: pkt = p.payload print pkt.time In this…

python capture pcap packet-capture scapy

asked Nov 07 '12 at 09:05

auino

1,644
5
23
43

votes

1 answer

how to add http headers to a packet sniffed using scapy

I am trying to sniff an out going http packet using scapy, add a few new http headers in it and send it ahead. The intention here is to only insert new headers while keeping the packet intact. At max any checksum recalculation should be done if…

python http network-programming packet-sniffers scapy

asked Oct 22 '12 at 18:50

fkl

5,412
4
28
68

votes

1 answer

Network bridge using Scapy and Python

I am creating a network bridge that connects two ethernet cards on the same machine. One of the cards is connected to the LAN and the other is connected to a network device. It looks something like this, I am sniffing packets on both the interfaces…

python network-programming scapy

asked Sep 27 '12 at 10:16

Abhinav

votes

1 answer

Specify timestamp on each packet in Scapy?

With Scapy, when I create a packet and write it to a pcap file, it sets the timestamp of the packet to the current time. This is my current usage. 1335494712.991895 being the time I created the packet: >>> a =…

python scapy

asked Apr 27 '12 at 02:47

gak

32,061
28
119
154

votes

2 answers

Recognize telnet protocol with Scapy python

I am reading a Pcap file with Scapy. How can I recognize if, in this pcap file, there is a packet that uses the Telnet protocol? I see that Scapy can write 'telnet' into dport/sport only if 1 of those ports is 23, but if I am using another port for…

python telnet scapy

asked May 05 '21 at 15:57

MicrosoctCprog

votes

0 answers

Capturing CTS frame with Scapy and python

I have my WiFi card in monitoring mode and listening packages from Python with Scapy. I'm also sending RTS request and hoping to pickup CTS reply but it never happens. (I expect it to be type 1, subtype=12.) Am I sending RTS package the right way?…

python scapy

asked Oct 12 '17 at 17:17

Ibiza

votes

2 answers

ICMP Ping packet is not generating a reply when using Scapy

I recently began exploring Scapy. A wonderful tool indeed! I have a problem... When I monitor my network card using Wireshark and I do a regular ping from the systems command prompt with the standard PING installation, wireshark pops up with "Ping…

python ping scapy

asked Nov 22 '10 at 13:23

Andesay

votes

1 answer

scapy: get DNSQR / DNSRR field values in symbolic/string form

I'm trying to decode DNS traffic and print query/response data and I'm using python/scapy to decode the packets. A code snippet: def dns_sniff_v2(pkt): if IP in pkt: if pkt.haslayer(DNS): dns = pkt.getlayer(DNS) …

python dns scapy

asked Jan 05 '17 at 17:13

André Fernandes

2,335
3
25
33

votes

1 answer

Sending a packet over physical loopback in scapy

I've recently discovered Scapy & it looks wonderful I'm trying to look at simple traffic over a physical loopback module / stub on my NIC. But Scapy sniff doesn't give anything What I'm doing to send a packet is: payload = 'data'*10 snf =…

python linux networking scapy

asked Dec 15 '16 at 14:19

YNWA

votes

1 answer

Scapy: Using a PacketListField to dissect multiple packets contained in a packet

I am trying to dissect packets, which encapsulate another packet-like structure, called "tags". The structure looks like this +---------+ |Ether | +---------+ |IP | a tag +---------+ |UDP | …

python packet scapy bacnet

asked Nov 17 '15 at 11:58

vicco

1,049
2
14
33

votes

2 answers

Ack number to acknowledge data in scapy

I'm playing around with scapy, trying to do a nmap-like, I succeeded doing a three way handshake and I automatically receive data if I connect to a smtp server but I can't acknowledge it. I have connected to it via netcat to see why it wouldn't work…

python network-programming scapy

asked Nov 02 '15 at 11:29

Jeff Bencteux

1,406
16
27

votes

3 answers

Scapy in Python script

I'm writing a script in Python which use Scapy but my problem is that the exception is: i = IP() NameError: global name 'IP' is not defined This is my script: import random from scapy import * import threading import…

python scapy

asked Aug 28 '15 at 07:32

Ron Halfon

votes

1 answer

Scapy SYN send on our own IP address

I tried to send SYN packets on my local network and monitoring them with Wireshark and everything works just fine, except when i try to send a packet to my own ip address it "seems" to work because it says Sent 1 packet, but it is not really sent, i…

python generator send packet scapy

asked Jul 10 '10 at 01:44

Nolhian

Prev 1 2 3

…

99 100 Next