The Art of Packet crafting with Scapy!
Session - Intro
Scapy is a powerful interactive packet manipulation framework. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery.
This workshop is an Intense, lab driven, hands-on session about crafting packets with Scapy framework.
Focused on going beyond traditional network mapping tools/techniques, understanding network attacks and writing your own network tools by leveraging Scapy.
This course is jam-packed with hands-on exercises which include but not limited to practical pen testing techniques like host discovery, service discovery, Remote OS finger printing, promiscuous node detection, Layer 2 attacks, building specific sniffers & scanners, writing professional/manageable command-line utilities.
By the end of this session you'll be able to write custom network tools quickly to solve problems that you encounter during administration and pen testing rather than waiting for someone to write them for you.
Part I: Basics (15-30 mins)
- Building virtual lab. (5 mins)
- Networking from programmer's perspective. (Optional - 15 mins)
- Quick intro to some specific Python features. (Optional - 10 mins)
- Part II: Scapy(1.5 hours)
- Understanding Scapy framework. (15 mins)
- Writing network utilities(scanners, sniffers, admin utilities). (15-20 mins)
- Remote OS detection & Promisc detection. (15 mins)
- Packet capture analysis.(solve some custom PCAP challenges. (15 mins)
- Writing custom tools by leveraging Scapy! (15 mins).
- Labs I: Land of mysterious boxes (Runs parallel to content)
- A virtual lab with bunch of machines where audience task is to find out as much as they can about the network, machines and security policies using Scapy.
- This exercise runs parallel to the content. We'll apply techniques we learn in the workshop to explore the labs.
- Labs II: Network Hunt CTF (30 mins)
- A mini-CTF on a Software Defined Network. The audience task is to use Scapy to crack a set of challenges, circumvent security measures, subvert systems, perform network attacks to find and obtain the flag.)
- CTF code is provided to audience so if someone is unable to crack the CTF in provided time, we'll carry it outside the workshop time.
Who should attend?
- Anyone interested networking or network programming.
- Anyone interested in Network security/Pen Testing.
- Security professionals & Network admins.
- Must have an understanding of Networking protocols.
- Must be comfortable with basic Python2.X.
- Laptop with admin access.(mandatory).
- Preferably 4 GB RAM and 25 GB free space. (More the better)
- Preferably running Linux as primary OS but Windows/Mac is permissible.
- Virtualbox 5.0+ (No VMWare).
- Vagrant 1.6+.
(Depending on the Internet connectivity we might push the labs to some cloud provider in which case the only dependency will be a laptop with admin access and virtualbox installed)
This is an EARLY DRAFT of the workshop content.
Notes & Code will be updated and uploaded on github after every delivery.
A dry run of this workshop will be conducted at Null Bangalore.
CTF code & Solutions will be provided on request through email. Providing them here would defeat the purpose.
Graduated in Information Security.
Freelance Pen test guy for past 4 years.
Passionate towards both offensive and defensive aspects of security.
Enjoys working on Open source technologies and teaching. I have presented/taught at various places ranging from tech conferences, local hacker spaces to remote schools in Ladakh.
Other workshops on Python I'll present/presented else where:
- Python programming: Foundations. | https://yamakira.github.io/Python-Foundations/
- Network Programming in Python.
- The Art of Packet crafting with Python/Scapy.
- Linux/Unix system administration using Python.
- Penetration testing using Python.
- Forensics and Reverse engineering using Python.
My Scapy talk at Null in 2015: https://null.co.in/event_sessions/291-packet-crafting-in-scapy