Bug: 72406260

Clone this repo:
  1. b4b5915 Add default code reviewers into OWNERS by Chih-Hung Hsieh · 5 weeks ago master
  2. 2244bd1 DO NOT MERGE by Xin Li · 10 weeks ago
  3. 53f0f53 merge in pi-release history after reset to master by gitbuildkicker · 1 year, 1 month ago pie-cts-release pie-cuttlefish-testing pie-gsi pie-platform-release pie-r2-release pie-r2-s1-release pie-r2-s2-release pie-release pie-release-2 pie-s2-release pie-vts-release android-9.0.0_r1 android-9.0.0_r10 android-9.0.0_r17 android-9.0.0_r18 android-9.0.0_r2 android-9.0.0_r3 android-9.0.0_r5 android-9.0.0_r6 android-9.0.0_r7 android-9.0.0_r8 android-9.0.0_r9 android-cts-9.0_r1 android-cts-9.0_r2 android-cts-9.0_r3 android-cts-9.0_r4 android-cts-9.0_r5 android-cts-9.0_r6 android-vts-9.0_r4 android-vts-9.0_r5 android-vts-9.0_r6 android-wear-9.0.0_r1 android-wear-9.0.0_r2 android-wear-9.0.0_r3
  4. 6384554 merge in pi-release history after reset to master by gitbuildkicker · 1 year, 1 month ago
  5. 08fc3a8 Snap for 4572138 from d6b412cfde0442650d6a05884e822a396702edfd to pi-release by android-build-team Robot · 1 year, 1 month ago


Travis Build Status AppVeyor Build Status Codecov Status PyPI Version Python Versions License: GPL v2 Join the chat at https://gitter.im/secdev/scapy

Scapy is a powerful Python-based interactive packet manipulation program and library.

It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, store or read them using pcap files, match requests and replies, and much more. It is designed to allow fast packet prototyping by using default values that work.

It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, wireshark, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can't handle, like sending invalid frames, injecting your own 802.11 frames, combining techniques (VLAN hopping+ARP cache poisoning, VoIP decoding on WEP protected channel, ...), etc.

Scapy supports Python 2.7 and Python 3 (3.3 to 3.6). It's intended to be cross platform, and runs on many different platforms (Linux, OSX, *BSD, and Windows).


Interactive shell

Scapy can easily be used as an interactive shell to interact with the network. The following example shows how to send an ICMP Echo Request message to github.com, then display the reply source IP address:

sudo ./run_scapy 
Welcome to Scapy
>>> p = IP(dst="github.com")/ICMP()
>>> r = sr1(p)
Begin emission:
.Finished to send 1 packets.
Received 2 packets, got 1 answers, remaining 0 packets
>>> r[IP].src

Python module

It is straightforward to use Scapy as a regular Python module, for example to check if a TCP port is opened. First, save the following code in a file names send_tcp_syn.py

from scapy.all import *
conf.verb = 0

p = IP(dst="github.com")/TCP()
r = sr1(p)

Then, launch the script with:

sudo python send_tcp_syn.py
IP / TCP > SA / Padding


To begin with Scapy, you should check the notebook hands-on and the interactive tutorial. If you want to learn more, see the quick demo: an interactive session (some examples may be outdated), or play with the HTTP/2 and TLS notebooks.

The documentation contains more advanced use cases, and examples.


Scapy works without any external Python modules on Linux and BSD like operating systems. On Windows, you need to install some mandatory dependencies as described in the documentation.

On most systems, using Scapy is as simple as running the following commands:

git clone https://github.com/secdev/scapy
cd scapy

To benefit from all Scapy features, such as plotting, you might want to install Python modules, such as matplotlib or cryptography. See the documentation and follow the instructions to install them.


Want to contribute? Great! Please take a few minutes to read this!