Skip to content

Scapy

Awesome Scapy Awesome

Scapy

A curated list of tools, add-ons, articles or cool exploits using Scapy, the Python-based interactive packet manipulation program & library. Feel free to contribute!

You can also explore Scapy topics on GitHub!

Tools

Tools that use Scapy (a lot) or extend it

Fun - pwnagotchi - Your AI pet that hacks WiFI to grow. It's super cute.

DDoS - ufonet - Create your own botnet to send untraceable DDoS attacks.

Wi-Fi. - trackerjacker - Maps and tracks Wi-Fi networks and devices through raw 802.11 monitoring. - wifiphisher - Create rogue access point.

IPv6 - Chiron - An IPv6 security assessment framework. - mitm6 - Performs MiTM for IPv6.

Measurements - mtraceroute - Create cool graphs over multiple traceroute analysis. - Network Security Toolkit (NST) - Includes an enhanced version of mtraceroute with IP Geolocation and GUI management. - netprobify - Network probing tool crafted for datacenters (but not only). Probing using: TCP, UDP or ICMP.

Protocols - Cotopaxi - Set of tools for security testing of Internet of Things devices using specific network IoT protocols (AMQP, CoAP, DTLS, HTCPCP, KNX, mDNS, MQTT, MQTT-SN, QUIC, RTSP, SSDP) . - project-memoria-detector - Determine whether a network device runs a specific embedded TCP/IP stack. - routopsy - Toolkit to attack DRP & FHRP. - TorPylle - Implementation of the OR (TOR) protocol.

Unit Tests - Linux Kernel - Linux Traffic Control (tc) testing suite. - OpenBSD - IPv6 stack testing suite. - RIOT-OS - RIOT OS networking testing suite.

Visualization - Scapy-Packet-Viewer - Minimal packet viewer similar to tshark/mitmproxy. Based on urwid.

Misc - aioblescan - Scan and decode advertised BLE info. - fenrir - Bypass wired 802.1x protection. - flowsynth - Tool for rapidly modeling network traffic. - Fragscapy - Fuzz network protocols by automating the modification of outgoing network packets. - Habu - Toolkit with a lot of little hacking tools. Many of them use Scapy. - mirage - Powerful and modular framework dedicated to the security analysis of wireless communications. - netenum - A tool to passively discover active hosts on a network. - net-creds - Sniff and catch all sensitive data on an interface. - packetweaver - A Python framework for script filing and task sequencing. - p0f3plus - An implementation of with extra analysis features. - pysap - Interact with SAP using custom built frames & tools. - Responder - LLMNR, NBT-NS and MDNS poisoner. - scapy_unroot - Tooling to use Scapy without root permissions. - scapy-benchmarks - A small test suite that tracks the evolution of Scapy's performance. - sshame - Tool to brute force SSH public-key authentication. - TIDoS Framework - The Offensive Manual Web Application Penetration Testing Framework.

Exploits

Exploits that use Scapy. This does not count the ones included by default

2022

  • CVE-2021-28444 - Windows Hyper-V Security Feature Bypass Vulnerability.

2021

  • CVE-2021-24086 - Analysis of a Windows IPv6 Fragmentation Vulnerability.
  • fragattacks - Fragmentation & Aggregation Attacks.

2020

  • CVE-2020-25577 - Bad Neighbor on FreeBSD: IPv6 Router Advertisement Vulnerabilities in rtsold.
  • CVE-2020-16898 - Beware the Bad Neighbor: Analysis and PoC of the Windows IPv6 Router Advertisement Vulnerability.

2019 - CVE-2019-5597 - IPv6 fragmentation vulnerability in OpenBSD Packet Filter.

2018

  • CVE-2018-4407 - A heap buffer overflow in the networking code in the XNU operating system kernel (iOS and macOS).

2017 - krackattacks-scripts - Test if clients or access points (APs) are affected by the KRACK attack against WPA2.

2016 - CVE-2016-6366 - The EXTRABACON exploit, a remote code execution for Cisco ASA written by the Equation Group (NSA) and leaked by the Shadow Brokers.

Misc - isf - ISF (Industrial Control System Exploitation Framework). A suite that provides exploits various industrial protocols.