scapy
what is scapy
capy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can't handle, like sending invalid frames, injecting your own 802.11 frames, combining technics (VLAN hopping+ARP cache poisoning, VOIP decoding on WEP encrypted channel, ...), etc.
- scapy homepage

Scapy Infos
Scapy Documentation
Scapy 2005
Phil Biondi and Arnaud Ebalard Scapy and IPv6.pdf
Scapy Demo
Scapy Usage
Scapy Usage
Scapy Sans Quick Overview
Python Scapy

scapy install
Install newest scapy version
Download latest Scapy version
After downloading, you must unzip it, and create the build with the following commands 
		
		./setup.py build
		./setup.py install

Scapy Basic
Syn Scan
		sr1(IP(dst="192.168.1.1")/TCP(dport=80,flags="S"))
Simple Syn Packet to www.google.ch
		>>> sr1(IP(dst="www.google.ch")/TCP(dport=80,flags="S"))
		Begin emission:
		Finished to send 1 packets.
		*
		Received 1 packets, got 1 answers, remaining 0 packets
		>>
		>>>
Fix Source Port and a List of Dest Port
		sr(IP(dst="192.168.1.1")/TCP(sport=666,dport=(440,443),flags="S"))
Scan IP Range 
		sr(IP(dst="192.168.1.1/24")/TCP(sport=666,dport=(25),flags="S"))
Send a packet and view the answer 
		sr(IP(dst="192.168.2.200")/TCP(sport=RandShort(),dport=[80],flags="S"))
		ans,unans = _
		ans.summary()
Results in 
		>>> sr(IP(dst="192.168.2.200")/TCP(sport=RandShort(),dport=[80],flags="S"))
		Begin emission:
		Finished to send 1 packets.
		*
		Received 1 packets, got 1 answers, remaining 0 packets
		(, )
		>>> ans,unans = _
		>>> ans.summary()
		IP / TCP 192.168.2.100:61863 > 192.168.2.200:www S ==> IP / TCP 192.168.2.200:www > 192.168.2.100:61863 SA / Padding

Scapy Samples
scapy 3 Way Handshake
scapy icmp stuff
scapy DNS Testing
scapy code snippets
scapy IPv4 code
scapy IPv6 code
Python Samples

(c) 2009 by packetlevel.ch / last update: 07.11.2009