A curated list of tools, add-ons, articles or cool exploits using Scapy, the Python-based interactive packet manipulation program & library. Feel free to contribute!
You can also explore Scapy topics on GitHub!
Tools that use Scapy (a lot) or extend it.
Fun
- pwnagotchi - Your AI pet that hacks WiFI to grow. It's super cute.
DDoS
- ufonet - Create your own botnet to send untraceable DDoS attacks.
Wi-Fi.
- trackerjacker - Maps and tracks Wi-Fi networks and devices through raw 802.11 monitoring.
- wifiphisher - Create rogue access point.
IPv6
Measurements
- mtraceroute - Create cool graphs over multiple traceroute analysis.
- Network Security Toolkit (NST) - Includes an enhanced version of
mtraceroutewith IP Geolocation and GUI management. - netprobify - Network probing tool crafted for datacenters (but not only). Probing using: TCP, UDP or ICMP.
Protocols
- Cotopaxi - Set of tools for security testing of Internet of Things devices using specific network IoT protocols (AMQP, CoAP, DTLS, HTCPCP, KNX, mDNS, MQTT, MQTT-SN, QUIC, RTSP, SSDP) .
- project-memoria-detector - Determine whether a network device runs a specific embedded TCP/IP stack.
- routopsy - Toolkit to attack DRP & FHRP.
- TorPylle - Implementation of the OR (TOR) protocol.
Unit Tests
- Linux Kernel - Linux Traffic Control (tc) testing suite.
- OpenBSD - IPv6 stack testing suite.
- RIOT-OS - RIOT OS networking testing suite.
Visualization
- Scapy-Packet-Viewer - Minimal packet viewer similar to tshark/mitmproxy. Based on urwid.
Misc
- aioblescan - Scan and decode advertised BLE info.
- fenrir - Bypass wired 802.1x protection.
- flowsynth - Tool for rapidly modeling network traffic.
- Fragscapy - Fuzz network protocols by automating the modification of outgoing network packets.
- Habu - Toolkit with a lot of little hacking tools. Many of them use Scapy.
- mirage - Powerful and modular framework dedicated to the security analysis of wireless communications.
- netenum - A tool to passively discover active hosts on a network.
- net-creds - Sniff and catch all sensitive data on an interface.
- packetweaver - A Python framework for script filing and task sequencing.
- p0f3plus - An implementation of with extra analysis features.
- pysap - Interact with SAP using custom built frames & tools.
- Responder - LLMNR, NBT-NS and MDNS poisoner.
- scapy_unroot - Tooling to use Scapy without root permissions.
- scapy-benchmarks - A small test suite that tracks the evolution of Scapy's performance.
- sshame - Tool to brute force SSH public-key authentication.
- TIDoS Framework - The Offensive Manual Web Application Penetration Testing Framework.
- h2spacex - HTTP/2 low level library based on Scapy which can be used for Single Packet Attack (Race Condition on H2).
Exploits that use Scapy. This does not count the ones included by default
2024
- PPPwn (CVE-2006-4304) - Playstation 4 PPPoE RCE.
2022
- CVE-2021-28444 - Windows Hyper-V Security Feature Bypass Vulnerability.
2021
- CVE-2021-24086 - Analysis of a Windows IPv6 Fragmentation Vulnerability.
- fragattacks - Fragmentation & Aggregation Attacks.
2020
- CVE-2020-25577 - Bad Neighbor on FreeBSD: IPv6 Router Advertisement Vulnerabilities in rtsold.
- CVE-2020-16898 - Beware the Bad Neighbor: Analysis and PoC of the Windows IPv6 Router Advertisement Vulnerability.
2019
- CVE-2019-5597 - IPv6 fragmentation vulnerability in OpenBSD Packet Filter.
2018
- CVE-2018-4407 - A heap buffer overflow in the networking code in the XNU operating system kernel (iOS and macOS).
2017
- krackattacks-scripts - Test if clients or access points (APs) are affected by the KRACK attack against WPA2.
2016
- CVE-2016-6366 - The EXTRABACON exploit, a remote code execution for Cisco ASA written by the Equation Group (NSA) and leaked by the Shadow Brokers.
Misc
- isf - ISF (Industrial Control System Exploitation Framework). A suite that provides exploits various industrial protocols.
