{"id":16161462,"url":"https://github.com/gamemann/packet-sequence","last_synced_at":"2025-07-25T00:14:59.974Z","repository":{"id":53052510,"uuid":"306471339","full_name":"gamemann/Packet-Sequence","owner":"gamemann","description":"A pen-test/DoS tool that can be used to send single or multiple packets in sequences with a lot of packet customization.","archived":false,"fork":false,"pushed_at":"2022-12-09T12:13:17.000Z","size":99,"stargazers_count":39,"open_issues_count":0,"forks_count":3,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-04-02T19:22:35.018Z","etag":null,"topics":["denial-of-service","dos","monitor","multithreaded","network","packet-generator","packet-sequence","pcktflood","pcktgen","pentest","pentest-scripts","pentest-tool","pentesting","pentesting-tools","security-tools"],"latest_commit_sha":null,"homepage":"https://moddingcommunity.com/","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gamemann.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-10-22T22:20:49.000Z","updated_at":"2025-02-16T12:56:13.000Z","dependencies_parsed_at":"2023-01-25T13:25:33.308Z","dependency_job_id":null,"html_url":"https://github.com/gamemann/Packet-Sequence","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/gamemann/Packet-Sequence","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gamemann%2FPacket-Sequence","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gamemann%2FPacket-Sequence/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gamemann%2FPacket-Sequence/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gamemann%2FPacket-Sequence/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gamemann","download_url":"https://codeload.github.com/gamemann/Packet-Sequence/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gamemann%2FPacket-Sequence/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":262642961,"owners_count":23341816,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["denial-of-service","dos","monitor","multithreaded","network","packet-generator","packet-sequence","pcktflood","pcktgen","pentest","pentest-scripts","pentest-tool","pentesting","pentesting-tools","security-tools"],"created_at":"2024-10-10T02:25:20.195Z","updated_at":"2025-06-29T18:03:32.738Z","avatar_url":"https://github.com/gamemann.png","language":"C","readme":"# Packet Sequence Program\n## Packet Batch (New Project Based Off Of Packet Sequence)\n[Packet Batch](https://github.com/Packet-Batch) is a newer project based off of Packet Sequence. It has more organization and supports special versions utilizing AF_XDP sockets and the DPDK which is **a lot** faster than what Packet Sequence uses (AF_PACKETv3 sockets). \n\nI would strongly suggest checking it out!\n\n## Description\nThis C program/tool for Linux allows you to specify one or more sequences inside a YAML config file to send outbound packets to a specific destination. Each sequence can modify many fields inside of the packet and supports many randomized values such as payloads, payload min/max length, source IP ranges (in CIDR), and more.\n\n**WARNING** - Please use this tool at your **own risk**. I am **not** responsible for any damage done and do **not** support using this tool for illegal operations such as targeted (D)DoS attacks. This tool was made for pen-testing and monitoring.\n\n## Requirements\n* [libyaml](https://github.com/yaml/libyaml) - A C library for parsing YAML config files.\n\n## Basic Command Line Usage\nYou may append `-h` when executing the application to see what command line parameters you may use. Please see below:\n\n```\nUsage: pcktseq -c \u003cconfigfile\u003e [-v -h]\n\n-c --cfg =\u003e Path to YAML file to parse.\n-l --list =\u003e Print basic information about sequences.\n-v --verbose =\u003e Provide verbose output.\n-h --help =\u003e Print out help menu and exit program.\n```\n\n[![demonstration](https://i.imgur.com/FxqpjpW.png)](https://www.youtube.com/watch?v=pLg_WMqwgzg)\n\n## Sequence Command Line Usage\nThere are command line options to replace all values within sequence #0. To use these, first, you'll need to specify the `-z` or `--cli` flag. Afterwards, you may use the following (all related to sequence #0).\n\n```\n--interface =\u003e The interface to send out of.\n--send =\u003e Whether to make the sequence send or not (only 1 is supported as of right now) (0/1).\n--block =\u003e Whether to enable blocking mode (0/1).\n--count =\u003e The maximum amount of packets supported.\n--time =\u003e How many seconds to run the sequence for maximum.\n--delay =\u003e The delay in-between sending packets on each thread.\n--data =\u003e The maximum amount of data (in bytes) we can send.\n--trackcount =\u003e Keep track of count regardless of it being 0 (read Configuration explanation for more information) (0/1).\n--threads =\u003e The amount of threads and sockets to spawn (0 = CPU count).\n--l4csum =\u003e Whether to calculate the layer-4 checksum (TCP, UDP, and ICMP) (0/1).\n\n--smac =\u003e The ethernet source MAC address to use.\n--dmac =\u003e The ethernet destination MAC address to use.\n\n--minttl =\u003e The minimum IP TTL to use.\n--maxttl =\u003e The maximum IP TTL to use.\n--minid =\u003e The minimum IP ID to use.\n--maxid =\u003e The maximum IP ID to use.\n--srcip =\u003e The source IP (one range is supported in CIDR format).\n--dstip =\u003e The destination IP.\n--protocol =\u003e The protocol to use (TCP, UDP, or ICMP).\n--tos =\u003e The IP TOS to use.\n--l3csum =\u003e Whether to calculate the IP header checksum or not (0/1).\n\n--usport =\u003e The UDP source port.\n--udport =\u003e The UDP destination port.\n\n--tsport =\u003e The TCP source port.\n--tdport =\u003e The TCP destination port.\n--tsyn =\u003e Set the TCP SYN flag (0/1).\n--tack =\u003e Set the TCP ACK flag (0/1).\n--tpsh =\u003e Set the TCP PSH flag (0/1).\n--trst =\u003e Set the TCP RST flag (0/1).\n--tfin =\u003e Set the TCP FIN flag (0/1).\n--turg =\u003e Set the TCP URG flag (0/1).\n--tcpusecooked =\u003e Use TCP cooked socket (0/1).\n\n--pmin =\u003e The minimum payload data.\n--pmax =\u003e The maximum payload data.\n--pstatic =\u003e Use static payload (0/1).\n--pexact =\u003e The exact payload string.\n--pfile =\u003e Whether to parse a file as the 'pexact' string instead.\n--pstring =\u003e Parse the 'pexact' string or file as a string instead of hexadecimal.\n```\n\n### Example\n```\n./pcktseq --cli --srcip 10.50.0.3 --dstip 10.50.0.4 --protocol \"udp\" --udport 8890 --count 0 --send 1 --interface \"ens18\" --pmin 30 --pmax 50 --pexact \"39 40 20 30 02 03\" --usport 3000 --l4csum 1 --l3csum 1 --dmac \"ae:21:14:4b:3a:6d\" --time 10\n```\n\n\n## Configuration\nThis program parses config files using the YAML [syntax](https://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html). If no config file is specified with the `-c` or `--cfg` arguments, it will execute `/etc/pcktseq/config.yml` by default.\n\nHere is a YAML config showing the default value of every option available at this moment along with a description.\n\n```yaml\n# The interface to use when sending/(receiving) packets.\ninterface: NULL\n\nsequences:\n seq01:\n # An array of other configs to include before this sequence. WARNING - If this is used, you must write this at the beginning of the sequence like this example. Otherwise, unexpected results will occur (e.g. the current sequence will be overwritten). This is empty by default and only showing as an example.\n includes:\n - /etc/pcktseq/include_one.yaml\n - /etc/pcktseq/include_two.yaml\n\n # If set, will use a specific interface for this sequence. Otherwise, uses the default interface specified at the beginning of the config.\n interface: NULL\n\n # If true, this sequence will send outbound packets. True is the only supported mode at this moment.\n send: true\n\n # If true, future sequences will wait until this one finishes before executing.\n block: true\n\n # The maximum packets this sequence can produce before terminating.\n count: 0\n\n # The maximum bytes this sequence can produce before terminating.\n data: 0\n\n # How long in seconds this sequence can go on before terminating.\n time: 0\n\n # The amount of threads to spawn with this sequence. If this is set to 0, it will use the CPU count (recommended).\n threads: 0\n\n # The delay between sending packets on each thread in microseconds.\n delay: 1000000\n\n # If true, even if 'count' is set to 0, the program will keep a packet counter inside of each thread. As of right now, a timestamp (in seconds) and a packet counter is used to generate a seed for randomness within the packet. If you want true randomness with every packet and not with each second, it is recommended you set this to true. Otherwise, this may result in better performance if kept set to false.\n trackcount: false \n \n # Ethernet header options.\n eth:\n # The source MAC address. If not set, the program will retrieve the MAC address of the interface we are binding to (the \"interface\" value).\n smac: NULL\n\n # The destination MAC address. If not set, the program will retrieve the default gateway's MAC address.\n dmac: NULL\n \n # IP header options.\n ip:\n # Source ranges in CIDR format. By default, these aren't set, but I wanted to show an example anyways. These will be used if 'srcip' is not set.\n ranges:\n - 172.16.0.0/16\n - 10.60.0.0/24\n - 192.168.30.0/24\n \n # The source IPv4 address. If not set, you will need to specify source ranges in CIDR format like the above. If no source IP ranges are set, a warning will be outputted to `stderr` and 127.0.0.1 (localhost) will be used.\n srcip: NULL\n\n # The destination IPv4 address. If not set, the program will output an error. We require a value here. Otherwise, the program will shutdown.\n dstip: NULL\n\n # The IP protocol to use. At the moment, the only supported values are udp, tcp, and icmp.\n protocol: udp\n\n # The Type-Of-Service field (8-bit integer).\n tos: 0\n \n # The Time-To-Live field (8-bit integer). For static, set min and max to the same value.\n ttl:\n # Each packet generated will pick a random TTL. This is the minimum value within that range.\n min: 0\n\n # Each packet generated will pick a random TTL This is the maximum value within that range.\n max: 0\n \n # The ID field. For static, set min and max to the same value.\n id:\n # Each packet generated will pick a random ID. This is the minimum value within that range.\n min: 0\n\n # Each packet generated will pick a random ID. This is the maximum value within that range.\n max: 0\n\n # If true, we will calculate the IP header's checksum. If your NIC supports checksum offload with the IP header, disabling this option may improve performance within the program.\n csum: true\n\n # If true, we will calculate the layer-4 protocol checksum (UDP, TCP, and ICMP).\n l4csum: true\n\n # UDP header options.\n udp:\n # The source port. If 0, the program will generate a random number between 1 and 65535.\n srcport: 0\n\n # The destination port. If 0, the program will generate a random number between 1 and 65535.\n dstport: 0\n\n # TCP header options.\n tcp:\n # The source port. If 0, the program will generate a random number between 1 and 65535.\n srcport: 0\n\n # The destination port. If 0, the program will generate a random number between 1 and 65535.\n dstport: 0\n\n # If true, will set the TCP SYN flag.\n syn: false\n\n # If true, will set the TCP ACK flag.\n ack: false\n \n # If true, will set the TCP PSH flag.\n psh: false\n\n # If true, will set the TCP RST flag.\n rst: false\n\n # If true, will set the TCP FIN flag.\n fin: false\n\n # If true, will set the TCP URG flag.\n urg: false\n\n # If true, the socket will be setup as a cooked TCP socket. This establishes the three-way TCP handshake. WARNING - This makes the program ignore all of the headers. The only relevant information is the payload, destination IP, and port (must be static) when this is set to true.\n usetcpsocket: false\n\n # ICMP header options.\n icmp:\n # The code to use with the ICMP packet.\n code: 0\n\n # The type to use with the ICMP packet.\n type: 0\n\n # Payload options.\n payload:\n # Random payload generation/length.\n length:\n # The minimum payload length in bytes (payload is randomly generated).\n min: 0\n\n # The maximum payload length in bytes (payload is randomly generated).\n max: 0\n\n # If true, the program will only generate one payload per thread and generic the checksums once. In many cases, this will result in a huge performance gain because generating random payload per packet consumes a lot of CPU cycles depending on the payload length.\n static: false\n \n # If true, the program will read data from the file 'exact' (below) is set to. The data within the file should be in the same format as the 'exact' setting without file support which is hexadecimal and separated by a space (e.g. \"FF FF FF FF 59\").\n isfile: false\n\n # If true, will parse the payload (either in 'exact' or the file within 'exact') as a string instead of hexadecimal.\n isstring: false\n\n # If a string, will set the payload to exactly this value. Each byte should be in hexadecimal and separated by a space. For example: \"FF FF FF FF 59\" (5 bytes of payload data).\n exact: NULL\n```\n\nYou may look at the `tests/` directory for some examples of config files to use with this program.\n\n## Compiling\nYou may use `make` to compile this program. This will compile `libyaml` as well. Please look at the below examples.\n\n### Compiling Both LibYAML And The Program\n```\n# Clone the repo and libyaml via --recursive.\ngit clone --recursive https://github.com/gamemann/Packet-Sequence\n\n# Go into directory.\ncd Packet-Sequence\n\n# Some needed tools for libyaml.\n# apt-get install autoconf libtool\n\n# Compile both libyaml and the program.\nmake\n```\n\n### Compiling Just The Program\n```\n# Clone the repo and libyaml via --recursive.\ngit clone --recursive https://github.com/gamemann/Packet-Sequence\n\n# Go into directory.\ncd Packet-Sequence\n\n# Compile the program only.\nmake pcktsequence\n```\n\n## My Results\n### My Server Environment\nI am doing pen/performance testing in my home server environment which has the following:\n\n* [Intel Xeon L5640](https://ark.intel.com/content/www/us/en/ark/products/47926/intel-xeon-processor-l5640-12m-cache-2-26-ghz-5-86-gt-s-intel-qpi.html) with 6 cores and 12 threads at 2.26 GHz.\n* 32 GBs of DDR3 RAM.\n* 300 GBs HDD.\n* 1 gbps NIC (NIC is not used in most of my experiments).\n* Running [Proxmox](https://proxmox.com/en/).\n* Both the source and destination servers are VMs within the same environment. When using this program, I set the source and destination MAC addresses for both VMs. This results in the NIC not being used, but that's good because it allows me to see how much the CPU and Linux sockets can push out which is what I'm most concerned about.\n\n**Note** - I am building two custom home servers soon with modern parts and 10 - 40 gbps NICs. I will be doing pen-testing with them once built! I will release my results here when done.\n\n### Simple UDP Flood\nConfiguration can be found below:\n\n```yaml\ninterface: \"ens18\"\n\nsequences:\n one:\n send: true\n delay: 0\n time: 60\n\n eth:\n smac: \"1a:c4:df:70:d8:a6\"\n dmac: \"ae:21:14:4b:3a:6d\"\n\n ip:\n protocol: udp\n srcip: \"10.50.0.3\"\n dstip: \"10.50.0.4\"\n\n # Set static values for better performance.\n ttl:\n min: 64\n max: 64\n\n id:\n min: 0\n max: 0\n\n udp:\n srcport: 27000\n dstport: 8898\n\n payload:\n length:\n min: 61000\n max: 61000\n static: true\n```\n\nThis is a simple UDP flood that lasts 60 seconds.\n\nThis config resulted in my source VM sending **50 - 60 gbps** to my destination VM (all within the same environment as stated above). If `static` was set to `false`, it only resulted in around 10 - 20 gbps. This is because when static is set to false, random payload is generated for each packet. Since the packet length is 61 KBs, this resulted in a lot more load on the processor and whatnot.\n\n### Gaming Laptop Running Ubuntu 20.04 Desktop\nI was able to generate **~905 gbps** between two virtual interfaces on my [gaming laptop](https://www.newegg.com/fortress-gray-asus-tuf-gaming-tuf706iu-as76-gaming-entertainment/p/N82E16834235407) using the `tests/simple_udp_flood.yaml` config. As expected, this didn't use the laptop's NIC, but it shows how much the CPU, RAM, and NVMe can push out.\n\n![Laptop Benchmark](https://i.imgur.com/dMNZ0SA.png)\n\n## Additional Notes\n**Note #1** - This program is still in development and I am working to add more features while maintaining high performance. The outbound packet functionality is fully operational. I'm hoping to turn this tool into a network monitor tool by implementing sequence types that can receive specific packets and use the response in later sequences. With that said, I'd like to add an option to send HTTP/HTTPS requests if a receive sequence succeeds or fails after a specific timeout.\n\n## Credits\n* [Christian Deacon](https://github.com/gamemann)\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgamemann%2Fpacket-sequence","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgamemann%2Fpacket-sequence","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgamemann%2Fpacket-sequence/lists"}