scapy

scapy [options] [expression]

-h, --help
    Show help message and exit.

-v, --verbose
    Increase verbosity level (can be used multiple times).

-q, --quiet
    Decrease verbosity level (can be used multiple times).

-D, --debug
    Enable debug mode.

-I, --interactive
    Enter interactive mode after processing command-line arguments.

-s , --startup
    Specify a startup script to execute.

-c , --command
    Execute commands from file.

-x , --exec
    Execute a Python expression.

-w , --write
    Write packets to a pcap file.

-r , --read
    Read packets from a pcap file.

-n , --count
    Number of packets to send or receive. Defaults to infinity when appropriate.

-iface , --iface
    Network interface to use.

Scapy is a powerful interactive packet manipulation program.
It allows users to forge, sniff, dissect and send network packets.
Scapy can handle a variety of protocols including Ethernet, IP, TCP, UDP, ARP, ICMP, DNS, and more. It is a versatile tool for network security testing, protocol analysis, and network troubleshooting. Scapy provides an interactive shell where users can define packets programmatically and send them.
It also provides functionalities for sniffing packets on the network. Its flexibility and programmability make it a favored tool for cybersecurity professionals, network administrators, and researchers. Scapy is written in Python and can be easily extended with custom protocols and functions. It excels at tasks such as network discovery, vulnerability scanning, and developing network exploits.
Unlike many other tools, Scapy gives you direct control over the packets being sent and analyzed. You can build packets from scratch or dissect existing packets to analyze their structure and contents.

Scapy requires root privileges for many of its operations, especially those involving sending and sniffing packets.
Certain functionalities may be limited or require specific kernel modules to be loaded.

Scapy allows users to construct packets by specifying the protocol layers and their corresponding fields.
Packets can be built layer by layer, providing granular control over their content. For example, an IP packet can be constructed with a specific source and destination IP address, along with TTL value.

Scapy is capable of sniffing packets from a network interface.
It allows for filtering based on protocols, source/destination addresses and ports, and other criteria. Sniffed packets can be analyzed in real-time or saved to a pcap file for later analysis.

Scapy's interactive mode provides a Python interpreter integrated with Scapy's packet manipulation functions.
It enables the user to define packets, send them, receive them and analyze the received packets using standard Python syntax.

Scapy was originally developed by Philippe Biondi and has been actively maintained and expanded by a community of contributors.
It was designed to address the limitations of existing packet manipulation tools and to provide a flexible and programmable environment for network analysis and security testing.
Over the years, Scapy has become a standard tool in the cybersecurity field, used for tasks ranging from simple packet sniffing to complex network simulations and exploit development.

tcpdump(1), wireshark(1)