tessl/pypi-scapy
Interactive packet manipulation program and library for network security research and testing
- Workspace
- tessl
- Visibility
- Public
- Created
- Last updated
- Describes
'%3e%3cpath%20d='M3.389%209.069c0-.009.043-.033.029-.044L.029%207.77l3.287-1.197L6.574%207.77l.106.083.005%204-3.297%201.185V9.068ZM13.582%209.32V2.74l3.405%201.238v4.104L13.583%209.32ZM10.253%2014.66l-3.476%201.268v-4.027l3.476-1.313v4.072ZM10.253%2010.558l-3.476%201.239V7.784l3.476-1.268v4.042ZM10.253%2014.719v3.968L6.777%2020v-3.998l3.476-1.283ZM17%208.139v4.042l-3.418%201.239V9.378L17%208.138ZM3.3%2017.168%200%2015.943v-4.027l3.3%201.224v4.028ZM6.69%2011.916v4.027l-3.302%201.225v-4.072l3.301-1.18ZM6.69%203.743v4.012l-3.33-1.21V2.564l3.33%201.18Z'/%3e%3cpath%20d='M3.3%2013.066%200%2011.842V7.844l3.3%201.224v3.998ZM13.524%209.334l-.175.088.175-.014v4.027l-3.152%201.183-.06-.032v-3.983l1.986-.767-.111.006-1.876.657V6.531l3.213-1.224v4.027Zm-.263.133c-.065.008-.198.023-.233.088.065-.008.198-.023.233-.088Zm-.321.118c-.065.008-.198.023-.233.088.065-.009.198-.023.233-.088Zm-.321.118c-.066.008-.199.023-.234.088.065-.008.199-.023.234-.088ZM13.524%201.266v3.968l-3.213%201.195V2.46l3.213-1.194ZM10.253%202.475v3.968L6.777%207.726V3.743l3.476-1.268ZM8.2%204.458c-.304.064-.627.5-.708.79-.27.963.636%201.081%201.091.364.277-.437.354-1.308-.383-1.154ZM13.524%2013.51v3.983l-3.17%201.177c-.011%200-.043-.067-.043-.07v-3.895l3.213-1.195Zm-.884%201.63c-.495.085-1.068%201.015-.676%201.435.483.517%201.502-.636%201.147-1.246-.098-.169-.286-.221-.47-.19ZM10.165%202.387l-.037.065-3.395%201.249-3.345-1.212L6.88%201.21l3.285%201.178ZM13.437%201.177l-.088.073-3.057%201.127-3.034-1.082-.277-.133L10.151%200l3.286%201.177Z'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='a'%3e%3cpath%20fill='%23fff'%20d='M0%200h17v20H0z'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
To install, run
npx @tessl/cli install tessl/pypi-scapy@2.6.0index.mddocs/
Scapy
A powerful Python-based interactive packet manipulation program and library designed for network security, research, and testing. Scapy provides comprehensive capabilities for forging, decoding, sending, and capturing network packets across a wide range of protocols, enabling tasks like network scanning, tracerouting, probing, unit testing, security assessments, and network discovery.
Package Information
- Package Name: scapy
- Language: Python
- Installation:
pip install scapy - Version: 2.6.1
- License: GPL-2.0-only
Core Imports
from scapy.all import *For specific functionality:
from scapy.all import Ether, IP, TCP, UDP, ICMP, ARP
from scapy.all import sr, sr1, send, sendp, sniff
from scapy.all import rdpcap, wrpcap
from scapy.all import confBasic Usage
from scapy.all import *
# Create packets
packet = IP(dst="8.8.8.8")/ICMP()
ethernet_packet = Ether()/IP(dst="192.168.1.1")/TCP(dport=80)
# Send packets and receive responses
response = sr1(packet, timeout=2)
if response:
response.show()
# Capture packets
packets = sniff(count=10, filter="tcp port 80")
packets.summary()
# Read/write pcap files
packets = rdpcap("capture.pcap")
wrpcap("output.pcap", packets)
# Create complex protocols
dns_query = IP(dst="8.8.8.8")/UDP(dport=53)/DNS(rd=1, qd=DNSQR(qname="example.com"))
answer = sr1(dns_query)Architecture
Scapy is built around a flexible packet manipulation architecture:
- Packet Class: Universal packet representation supporting layered protocols
- Field System: Strongly-typed field definitions for protocol structures
- Layer Binding: Automatic protocol layer recognition and chaining
- Protocol Layers: 100+ implemented network protocols from L2 to L7
- Send/Receive Engine: Cross-platform network I/O with multiple socket types
- Analysis Framework: Packet lists, filtering, and statistical analysis tools
This design enables Scapy to handle any network protocol, craft custom packets with precise control, and serve as both an interactive tool and a programmatic library for network security research, testing, and analysis.
Capabilities
Core Packet System
Fundamental packet creation, manipulation, and field system. Provides the Packet base class, field types, and core operations for building and dissecting network packets.
class Packet:
def __init__(self, *args, **kwargs): ...
def show(self): ...
def summary(self) -> str: ...
def build(self) -> bytes: ...
def copy(self): ...
def getlayer(self, layer): ...
def haslayer(self, layer) -> bool: ...
class Raw(Packet):
def __init__(self, load: bytes = b""): ...
def bind_layers(lower, upper, **kwargs): ...Protocol Layers
Comprehensive implementation of network protocols from Layer 2 to Layer 7, including Ethernet, IP, TCP, UDP, wireless protocols, and application-layer protocols.
class Ether(Packet):
def __init__(self, dst: str = "ff:ff:ff:ff:ff:ff", src: str = None, type: int = None): ...
class IP(Packet):
def __init__(self, dst: str = "127.0.0.1", src: str = None, ttl: int = 64, **kwargs): ...
class TCP(Packet):
def __init__(self, sport: int = 20, dport: int = 80, seq: int = 0,
ack: int = 0, flags: int = 2, **kwargs): ...
class UDP(Packet):
def __init__(self, sport: int = 53, dport: int = 53, **kwargs): ...
class ICMP(Packet):
def __init__(self, type: int = 8, code: int = 0, **kwargs): ...
class DNS(Packet):
def __init__(self, rd: int = 1, qd: DNSQR = None, **kwargs): ...Send/Receive Operations
Network I/O functions for sending packets, receiving responses, capturing traffic, and managing network communication across different platforms.
def sr(x, promisc: bool = None, filter: str = None, timeout: float = None,
inter: float = 0, verbose: int = None, chainCC: bool = False,
retry: int = 0, multi: bool = False, **kwargs) -> tuple[SndRcvList, PacketList]: ...
def sr1(x, promisc: bool = None, filter: str = None, timeout: float = None,
verbose: int = None, retry: int = 0, **kwargs) -> Packet: ...
def send(x, inter: float = 0, loop: int = 0, count: int = None,
verbose: int = None, realtime: bool = None, **kwargs) -> None: ...
def sendp(x, inter: float = 0, loop: int = 0, count: int = None,
verbose: int = None, realtime: bool = None, iface: str = None, **kwargs) -> None: ...
def sniff(count: int = 0, store: bool = True, prn: callable = None,
filter: str = None, lfilter: callable = None, timeout: float = None,
iface: str = None, **kwargs) -> PacketList: ...
class AsyncSniffer:
def __init__(self, count: int = 0, store: bool = True, prn: callable = None,
filter: str = None, lfilter: callable = None, **kwargs): ...
def start(self): ...
def stop(self): ...
def join(self, timeout: float = None): ...
@property
def results(self) -> PacketList: ...Packet Analysis
Packet collection management, filtering, analysis, and visualization tools for working with captured network traffic and packet sequences.
class PacketList:
def summary(self) -> None: ...
def show(self) -> None: ...
def filter(self, func) -> PacketList: ...
def plot(self, **kwargs): ...
def conversations(self) -> dict: ...
class SndRcvList(PacketList):
def make_table(self, **kwargs): ...
def rdpcap(filename: str, count: int = -1) -> PacketList: ...
def wrpcap(filename: str, pkt: PacketList, **kwargs) -> None: ...Configuration and Utilities
Global configuration management, utility functions for data conversion, validation, file operations, and platform-specific functionality.
class Conf:
def configure(self, **kwargs): ...
# Global configuration object
conf: Conf
def hexdump(x: bytes) -> None: ...
def checksum(data: bytes) -> int: ...
def get_if_list() -> list[str]: ...
def get_if_addr(iff: str) -> str: ...
def valid_ip(ip: str) -> bool: ...
def valid_mac(mac: str) -> bool: ...Automation Framework
State machine framework for building automated network protocols, responding to network events, and creating interactive network services.
class Automaton:
def __init__(self): ...
def start(self): ...
def stop(self): ...
class ATMT:
@staticmethod
def state(name: str): ...
@staticmethod
def action(func): ...
@staticmethod
def receive(func): ...
@staticmethod
def timeout(func, timeout: float): ...