This chapter presents some interesting Python recipes for network security monitoring and vulnerability scanning. We begin by sniffing packets on a network using the pcap
library. Then, we start using Scapy
, which is a Swiss knife type of library that can do many similar tasks. Some common tasks in packet analysis are presented using Scapy
, such as saving a packet in the pcap
format, adding an extra header, and modifying the IP address of a packet.
Some other advanced tasks on network intrusion detection are also included in this chapter, for example, replaying traffic from a saved pcap
file and broadcast scanning.