Scapy Project

What is Scapy?

Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tshark, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can’t handle, like sending invalid frames, injecting your own 802.11 frames, combining technics (VLAN hopping+ARP cache poisoning, VOIP decoding on WEP encrypted channel, …), etc.

Scapy runs natively on Linux, Windows, OSX and on most Unixes with libpcap (see scapy’s installation page). The same code base now runs natively on both Python 2 and Python 3.

Shell demo

$ sudo ./run_scapy -H
Welcome to Scapy (2.4.4.dev221)
>>> p = IP(dst="github.com")/ICMP()
>>> p
<IP  frag=0 proto=icmp dst=Net('github.com') |<ICMP  |>>
>>> r = sr1(p)
Begin emission:
Finished sending 1 packets.
.*
Received 2 packets, got 1 answers, remaining 0 packets
>>> r
<IP  version=4 ihl=5 tos=0x0 len=28 id=59762 flags= frag=0 ttl=57 proto=icmp
chksum=0x7792 src=140.82.121.4 dst=217.25.178.5 |<ICMP  type=echo-reply
code=0 chksum=0xffff id=0x0 seq=0x0 |>>

Help, documentation

Documents

• Official Online HTML documentation
• Scapy’s installation page
• ThePacketGeek’s Building Network Tools with Scapy tutorial
• Security Power Tools where Philippe Biondi wrote a complete chapter about Scapy.

Development

Scapy development uses Git version control system. Scapy reference repository is hosted on GitHub secdev/scapy.

It provides the ticket management service used for submitting patches or bugs.

• Submit patches
• Report bugs/wishes here
• Active tickets here
• Head over to Scapy’s GitHub Projects to see what is being worked on.

Slides

• Automotive Penetration Testing with Scapy - Troopers 2019 slides
• Scapy’s PacSec/core05 slides (printable version)
• Scapy’s Hack.lu 2005 slides
• Scapy’s Summerschool Applied IT Security 2005 slides
• Scapy’s T2’2005 slides
• Scapy’s CanSecWest/core05 slides
• Scapy’s LSM 2003 slides

Other documents about Scapy :

• (french) @p-l- blog posts on scapy
• You will also find an article in the French Linux Magazine #52

Mailing-list (very low activity)

Send questions, bug reports, suggestions, ideas, cool usages of Scapy, etc. To avoid spam, you must subscribe to the mailing list to post.

• To subscribe to the mailing-list, send a mail to scapy.ml-subscribe(at)secdev.org
• To send a mail to the mailing-list: scapy.ml(at)secdev.org

Known bugs

• May miss packets under heavy load
• BPF filters do not work on PPP interfaces

Related projects

• UTscapy: Unit Testing with scapy (shipped with Scapy 2.X+)
• Scapytain: a web application to store, organize and run test campaigns on top of Scapy (low project activity)

If you like Scapy, you can sponsor us on Github