What is Scapy?
Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tshark, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can’t handle, like sending invalid frames, injecting your own 802.11 frames, combining technics (VLAN hopping+ARP cache poisoning, VOIP decoding on WEP encrypted channel, …), etc.
Scapy runs natively on Linux, Windows, OSX and on most Unixes with libpcap (see scapy’s installation page). The same code base now runs natively on both Python 2 and Python 3.
$ sudo ./run_scapy -H Welcome to Scapy (2.4.4.dev221) >>> p = IP(dst="github.com")/ICMP() >>> p <IP frag=0 proto=icmp dst=Net('github.com') |<ICMP |>> >>> r = sr1(p) Begin emission: Finished sending 1 packets. .* Received 2 packets, got 1 answers, remaining 0 packets >>> r <IP version=4 ihl=5 tos=0x0 len=28 id=59762 flags= frag=0 ttl=57 proto=icmp chksum=0x7792 src=18.104.22.168 dst=22.214.171.124 |<ICMP type=echo-reply code=0 chksum=0xffff id=0x0 seq=0x0 |>>
- Official Online HTML documentation
- Scapy’s installation page
- ThePacketGeek’s Building Network Tools with Scapy tutorial
- Security Power Tools where Philippe Biondi wrote a complete chapter about Scapy.
It provides the ticket management service used for submitting patches or bugs.
- Submit patches
- Report bugs/wishes here
- Active tickets here
- Head over to Scapy’s GitHub Projects to see what is being worked on.
- Automotive Network Scans with Scapy - Troopers 2022 slides
- Automotive Penetration Testing with Scapy - Troopers 2019 slides
- Scapy’s PacSec/core05 slides (printable version)
- Scapy’s Hack.lu 2005 slides
- Scapy’s Summerschool Applied IT Security 2005 slides
- Scapy’s T2’2005 slides
- Scapy’s CanSecWest/core05 slides
- Scapy’s LSM 2003 slides
Other documents about Scapy :
Mailing-list (very low activity)
Send questions, bug reports, suggestions, ideas, cool usages of Scapy, etc. To avoid spam, you must subscribe to the mailing list to post.
- To subscribe to the mailing-list, send a mail to scapy.ml-subscribe(at)secdev.org
- To send a mail to the mailing-list: scapy.ml(at)secdev.org
- May miss packets under heavy load
- BPF filters do not work on PPP interfaces
- UTscapy: Unit Testing with scapy (shipped with Scapy 2.X+)
- Scapytain: a web application to store, organize and run test campaigns on top of Scapy (low project activity)
If you like Scapy, you can sponsor us on Github