Working around with Scapy


Today I’m writing about the very famous tool Python Scapy. You must be wondering how is this related to my internship project. Well, the translations that I have provided for particular matches and targets of iptables require some testing and verification. I’m using Scapy for carrying that out.


Why Scapy?

Because Scapy is powerful and interactive, provides various protocols and can easily handle scanning, tracerouting, probing, etc. It can forge and decode different types of packets, match requests and replies which is exactly what I needed for carrying out tests on my translations.

Scapy is an amazing tool and it can be used for carrying out many different tasks like ARP Cache poisoning, ARPing, exploit etherleak flaw, send packets at different layers and much more. I haven’t tried all of these functionalities and my work on Scapy at present is limited to forging the packets with particular attributes. I’m using Scapy 2.2.0


How to use Scapy?

Simple. Download and install Scapy and do

$ sudo scapy

That’s it. You have now successfully launched Scapy.

Now, in order to see the list of available protocols, type

>>> ls()

Sample output:


In order too see the list of available commands, type

>>> lsc()

Sample output:



Forging first packet with Scapy

Suppose we wish to create a TCP packet with TTL 20 then, all we have to do is the following:


You can also enter the protocol in string format, that is,

>>> a.proto="tcp"

Now, if you wish to see if the packet has been created with correct attributes, you can do the following:


Sample output:


Note that all the fields of a packet remain set to their default values unless changed.

So, this is how you can forge a packet with Scapy.

I’m also learning to use it and I’m using it for testing my translations, you can try it out for fun. It looks really captivating.

Thanks for reading.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s