{"id":18131680,"url":"https://github.com/mrtc0/scapy-knife","last_synced_at":"2025-04-15T23:03:18.958Z","repository":{"id":28046442,"uuid":"31542438","full_name":"mrtc0/scapy-knife","owner":"mrtc0","description":"The knife of Scapy","archived":false,"fork":false,"pushed_at":"2015-03-04T11:32:41.000Z","size":152,"stargazers_count":7,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-24T04:15:35.813Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mrtc0.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-03-02T13:54:11.000Z","updated_at":"2020-06-27T19:54:28.000Z","dependencies_parsed_at":"2022-09-04T01:21:49.985Z","dependency_job_id":null,"html_url":"https://github.com/mrtc0/scapy-knife","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrtc0%2Fscapy-knife","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrtc0%2Fscapy-knife/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrtc0%2Fscapy-knife/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrtc0%2Fscapy-knife/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mrtc0","download_url":"https://codeload.github.com/mrtc0/scapy-knife/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246126957,"owners_count":20727646,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-01T12:08:36.709Z","updated_at":"2025-03-30T18:31:29.784Z","avatar_url":"https://github.com/mrtc0.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# scapy-knife\nThe knife of Scapy\n\n## これはなに\n\nScapyを使ったツールキット.  \n\n## Usage\n\n### checkdns.py\n\npcapファイルからDNSによる問い合わせ先をVirusTotalでスキャンします.  \nVirusTotal APIが必要です.  \n  \n```\n# ./checkdns.py \u003cpcap\u003e\nWARNING: No route found for IPv6 destination :: (no default route?)\n[*] http://ourlittleponic.pw/\n    Kaspersky       malware site\n    Fortinet        malware site\n[*] http://freepicscenter.pw/\n[*] http://freecenterpics.pw/\n[*] http://picsfreecenter.pw/\n```\n  \n### arpspoof.py\n\nARP Spoofingを行うスクリプトです.  \n``` echo 1 \u003e /proc/sys/net/ipv4/ip_forward ``` でフォワーディングの設定をしておいてください.  \n第1引数に自身のMacアドレス, 第2引数にターゲットIPアドレス, 第3引数にルーターのIPアドレスを指定するなどしてください.  \n  \n```\n# ./arpspoof.py \u003cAttacker Physical Address\u003e \u003cTarget IP\u003e \u003cRouter IP\u003e\n\n```\n  \n### arpmonitor.py\n\nARPパケットの監視及び, ARP Spoofingの検知を行うスクリプトです.  \n  \n\n```\n# ./arpmonitor.py                                                                                                            \nWARNING: No route found for IPv6 destination :: (no default route?)\n{'192.168.1.108': '08:00:27:45:d0:59', '192.168.1.102': '00:8c:fa:yy:yy:yy', '192.168.1.2': 'dc:fb:02:xx:xx:xx'}\nRequest: 192.168.1.101 -\u003e 192.168.1.2  \nReply: dc:fb:02:xx:xx:xx -\u003e 192.168.1.2 \nRequest: 192.168.1.101 -\u003e 192.168.1.2  \nReply: dc:fb:02:xx:xx:xx -\u003e 192.168.1.2 \n[*] Detect Spoofing!!\n[*] 192.168.1.2 : dc:fb:02:xx:xx:xx to 08:00:27:45:d0:59\nReply: 08:00:27:45:d0:59 -\u003e 192.168.1.2 \nRequest: 192.168.1.2 -\u003e 192.168.1.108  \n[*] Detect Spoofing!!\n[*] 192.168.1.2 : dc:fb:02:xx:xx:xx to 08:00:27:45:d0:59\nReply: 08:00:27:45:d0:59 -\u003e 192.168.1.2 \n[*] Detect Spoofing!!\n[*] 192.168.1.2 : dc:fb:02:xx:xx:xx to 08:00:27:45:d0:59\nReply: 08:00:27:45:d0:59 -\u003e 192.168.1.2 \nReply: dc:fb:02:xx:xx:xx -\u003e 192.168.1.2 \n```\n  \n  \n### portscan/scan.py\n\nポートスキャナーです.  \nTCP SYN, ACK, FIN, Xmas, Nullスキャンができます(2015-03-03)  \nコンマ区切りでポートを指定してください. 指定がない場合はCommon Portsをスキャンします.  \n\n```\n# ./scan.py -t 192.168.1.109 -S \nWARNING: No route found for IPv6 destination :: (no default route?)\n[*]Result for 192.168.1.109 \n    Port         State\n    22           Open\n    80           Open\nScanned 82 ports, Closed 80 ports. 192.168.1.109\n  \n# scan.py -t 192.168.1.109 -p 22,80,443,12345,25252 -A\nWARNING: No route found for IPv6 destination :: (no default route?)\n[*]Result for 192.168.1.109 \n    Port         State\n    22           Unfiltered\n    80           Unfiltered\n    443          Unfiltered\n    12345        Filtered (Statefull)\n    25252        Filtered (Statefull)\nScanned 5 ports, Closed 0 ports. 192.168.1.109\n```\n  \n### ReturnSA.py\n\nパケット全てにSYN, ACKを返します.  \nなのでSYNスキャンではすべてのポートが開いているように見えます.  \nOSがRST, ACKを返さないようにiptablesを設定しておく必要があります.  \n  \n```\n# iptables -A OUTPUT -p tcp --tcp-flags ALL RST,ACK -d 192.168.1.101 -j DROP\n# netstat -antp\nActive Internet connections (servers and established)\nProto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name\n# ./returnSA.py\n```\n  \n```\n# nmap -sS 192.168.11.14                                                                                                                  \n\nStarting Nmap 6.47 ( http://nmap.org ) at 2015-03-04 20:22 JST\nNmap scan report for 192.168.1.101\nHost is up (4.2s latency).\nPORT      STATE SERVICE\n1/tcp     open  tcpmux\n3/tcp     open  compressnet\n4/tcp     open  unknown\n6/tcp     open  unknown\n7/tcp     open  echo\n9/tcp     open  discard\n13/tcp    open  daytime\n17/tcp    open  qotd\n19/tcp    open  chargen\n20/tcp    open  ftp-data\n21/tcp    open  ftp\n22/tcp    open  ssh\n23/tcp    open  telnet\n24/tcp    open  priv-mail\n25/tcp    open  smtp\n26/tcp    open  rsftp\n30/tcp    open  unknown\n32/tcp    open  unknown\n33/tcp    open  dsp\n~ snip ~\n```\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmrtc0%2Fscapy-knife","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmrtc0%2Fscapy-knife","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmrtc0%2Fscapy-knife/lists"}