scapy

Scapy is a Python tool for working with network packets at a low level. A packet is a small chunk of data that travels across a network, and every piece of internet communication, from loading a web page to sending an email, is made up of packets following specific rules called protocols. Scapy lets you build custom packets from scratch, send them over the network, capture incoming packets, and inspect or analyze what comes back.

It can be used in two ways: as an interactive shell you run in a terminal, or as a library you import into your own Python scripts. In the shell, you can type commands to construct and send packets one at a time and immediately see the responses. For example, you can send a ping to a server and read back the reply's source IP address in a few lines. As a library, you can write scripts that automate more complex network tasks.

Scapy knows how to build and parse a wide range of network protocols, which means it can handle many of the tasks that separate tools like ping, traceroute, nmap, tcpdump, and Wireshark each handle individually. The README notes that it can replace or replicate most of what those tools do, while also handling more unusual tasks they cannot, such as sending intentionally malformed packets or injecting custom Wi-Fi frames.

Typical uses include network scanning to discover what devices and services are on a network, packet capture and analysis, testing how network equipment responds to unusual traffic, and security research. It requires Python 3.7 or newer and runs on Linux, macOS, BSD, and Windows. On Linux and BSD it works with no extra dependencies; Windows requires a few additional packages. The code is licensed under GPL v2.