What Is This Resource?
It’s all about the packets stupid!
The HTTP protocol and heck, the entire Internet, is dependent and committed to using the TCP/ IP and UDP Protocols (as well as a bunch of other variations).
Anyone reading this page should be aware of the importance of understanding how protocols work if you are to try to break the flow or attempt to ‘corrupt’ the transmission of ‘packets’. To those that are completely unfamiliar with packet behaviour then we strongly suggest that you learn about it.
Being able to spoof and ‘trick’ packets is a major weakness in network security and if you can master how to use the tools that we’ve listed below then you are in a great spot.
We’ve tried to list the ‘best packet crafting tools’ that we can find (and have used) but as most thing in IT the landscape is constantly evolving.
To submit a tool please click here or for further information on the range of hacking tools and software that we list please follow this link.
It's all well and good knowing the tools, but what about using Packet Crafting Tools on laptops, raspbery pi's and mobiles!
Click here for more information.
Last Updated: September 23rd, 2017
What is Hping?
Hping is a popular packet crafting tool used by penetration testers and IT Security auditors. Hping is essentially a command-line oriented TCP/ IP packet assembler and analyzer. This tool supports a wide variety of protocols such as TCP, UDP, ICMP and RAW-IP protocols. Hping also has a traceroute mode, the ability to send files between a covered channel, and various other features. Hping is a great tool to use when learning about TCP/ IP.
Is Hping Free?
Yes, Hping is free.
Does Hping Work on all Operating Systems?
This hacking tool works on Linux, MAC OSX and Windows operating systems.
What are the Typical Uses for Hping?
According to the developers, whilst hping was primarily used as a security tool in the past, it has many other uses including an In-depth port scanning, testing Firewall, manual path MTU discovery, testing networks using different protocols, TOS, fragmentation, remote OS fingerprinting, advanced traceroute, under all the supported protocols, TCP/ IP stacks auditing and remote uptime guessing.
What is Scapy?
Scapy is a very popular and useful packet crafting tool which works by manipulating packets. Scapy can decode packets from within a wide range of protocols, send them on the wire, capture, correlate send requests and replies, and more. Scapy can also be used to scan, traceroute, probe or discover networks. Our understanding is that Scapy can be used as a replacement for other tools like nmap, arpspoof, tcpdump, p0f, and others).
Is Scapy Free?
Yes, Scapy is free.
Does Scapy Work on all Operating Systems?
Scapy is compatible with Linux, Windows and MAC OS X operating systems.
What are the Typical Uses for Scapy?
Scapy can execute certain attacks that other tools are unable to, for example, being able to send invalid frames, inject 802.11 frames, combine technics (VLAN hopping+ARP cache poisoning, VOIP decoding on WEP encrypted channel and more). In summary, this is a pretty damn cool tool. framework and we’d really value your feedback and comments regarding your experience in using Scapy.
What is Socat?
Socat is a command line utility that creates two bidirectional byte streams and trasnfer the data between them. Since the streams can be constructed from a huge set of different types of data sources and sinks, and because of many address options that may be applied to these streams, Socat can be used for various purposes.
Is Socat Free?
Yes, Socat is free.
Does Socat Work on all Operating Systems?
It works on Linux, Windows and MAC OSX operating systems.
What are the Typical Uses for Socat?
One of the uses of Socat is that it works similar to Netcat wherein it functions over a number of protocols and through pipes, devices files, sockets, a client for SOCKS4, proxy Connect etc. It gives logging, forking and dumping diferrent modes for interprocess communication and a lot more options. It can also be used to attack weak firewalls or even as a TCP fort forwarder.
What is Wireshark?
This tool is a network packet analyzer and this kind of tool will try to capture networks packets used for analysis, network troubleshooting, education, software and communications protocol development and display the packet data obtained as detailed as possible. Formerly named Ethereal, it was renamed to Wireshard in May of 2006 due to trademark issues. Wireshark is a cross platform that now uses the Qt widget in current releases to implement its user interface. If you know tcpdump, Wireshark is very similar to it, but has a graphical front-end and some integrated filtering and sorting options.
Wireshark support promiscuous mode that lets the user put network interface controllers into that mode, for them to see all traffic visible on that interface, not only the traffic directed to one of the interface’s configured addresses and broadcast/multicast traffic. But, when in promiscuous mode capturing with a packet analyzer on a port on a network switch, not all traffic through the switch is sent to the port where the capture is made, so capturing in this mode is not necessarily enough to see all network traffic. Various network taps such as Port Mirroring extend capture to any point on the network. Simple passive taps are greatly resistant to tampering. Wireshark 1.4 and later on GNU/Linux, BSD, and OS X, with libpcap 1.0.0 or later can also put wireless network interface controllers into monitor mode. When a remote computer machine captures packets and transmit the captured packets to a machine running Wireshark using the the protocol used by OmniPeek or the TZSP protocol, those packets are dissected by Wireshark, so it can analyze packets captured on a remote machine at the time that they are captured. In Wireshark, there are color codes and the users sees packets highlighted in black, blue and green. It helps users in identifying the types of traffic at one glance. Black color determines TCP packets with problems. Blue colors is the DNS traffic while Green is the TCP traffic.
Is Wireshark Free?
Wireshark is an open source and free packet analyzer. You can go to its website (https://www.wireshark.org/download.htmlZ) and download the installer that is compatible with your system.
Does Wireshark Work on all Operating Systems?
Wireshark uses pcap to capture packets and runs on OSX, GNU/Linus, Solaris, Microsoft Windows and other operating systems that are Unix like.
What are the Typical Uses for Wireshark?
People use Wireshark to troubleshoot problems with their network, examine problems with security, protocol implementations debugging and learn more about the network protocol internals.
What is Yersinia?
Yersinia is designed to take advantage of some weakness in various network protocols. It is also considered one of the valuable and most used security tool available.
Is Yersinia Free?
Yes, this tool is free to use.
Does Yersinia Work on all Operating Systems?
No, it only works for Linux and MAC OS X operating systems.
What are the Typical Uses for Yersinia?
Yersinia is used as a low-level attack tool that is useful for penetration testing. It is suited for many diverse attacks over multple protocols such as creating virtual neighbors, becoming the active roter in a Hot Standby Router Protocol scenario, becoming the root role in the Spanning Tree Protocol or faking DHCP replies.
[continued from top of page]