Overview

Scapy is a Python packet manipulation library that enables crafting, sending, sniffing, and dissecting network packets at granular protocol layers. This skill covers using Scapy for security-relevant tasks including TCP/UDP/ICMP packet crafting, pcap file analysis, protocol field extraction, SYN scan implementation, DNS query analysis, and detecting anomalous traffic patterns such as unusually fragmented packets or malformed headers.

When to Use

When investigating security incidents that require analyzing network packets with scapy
When building detection rules or threat hunting queries for this domain
When SOC analysts need structured procedures for this analysis type
When validating security monitoring coverage for related attack techniques

Prerequisites

Python 3.8+ with scapy library installed (pip install scapy)
Root/administrator privileges for raw socket operations (sniffing, sending)
Npcap (Windows) or libpcap (Linux) for packet capture

Overview

When to Use

When investigating security incidents that require analyzing network packets with scapy
When building detection rules or threat hunting queries for this domain
When SOC analysts need structured procedures for this analysis type
When validating security monitoring coverage for related attack techniques

Prerequisites

Python 3.8+ with scapy library installed (pip install scapy)
Root/administrator privileges for raw socket operations (sniffing, sending)
Npcap (Windows) or libpcap (Linux) for packet capture

Analyzing Network Packets With Scapy

Overview

When to Use

Prerequisites

Analyzing Network Packets With Scapy

Overview

When to Use

Prerequisites

Steps

Expected Output

Session Logs

OpenClaw Test Heap Leaks

Node Connect

Openclaw Qa Testing

Openclaw Secret Scanning Maintainer

Flags