Collection of "bad" packets in PCAPs that can be used for testing software
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
scapy @ f07cdad
various-dns-pcaps
.gitignore
.gitmodules
.travis.yml
LICENSE
Makefile
README.md
add_dot1q.py
missing_payload.py
padding.py
v4_frag_dup.py
v4_frag_empty.py
v4_frag_fuzz_dst.py
v4_frag_fuzz_id.py
v4_frag_fuzz_offset.py
v4_frag_fuzz_proto.py
v4_frag_fuzz_src.py
v4_frag_nomf.py
v4_frag_offset.py
v4_frag_order.py
v4_frag_skip.py
v4_frag_timeout.py
v4_tcp_opts.py
v6_frag_dup.py
v6_frag_empty.py
v6_frag_fuzz_dst.py
v6_frag_fuzz_offset.py
v6_frag_fuzz_src.py
v6_frag_nomf.py
v6_frag_offset.py
v6_frag_order.py
v6_frag_skip.py
v6_frag_timeout.py
v6_tcp_opts.py

README.md

bad-packets

Collection of "bad" packets in PCAPs that can be used for testing software

  • <ipv>_frag_dup_<proto>.pcap: contains a duplicated fragment
  • <ipv>_frag_empty_<proto>.pcap: remove IP payload from one fragment
  • <ipv>_frag_fuzz_dst_<proto>.pcap: multiple fragmented packets with destination address fuzzed
  • <ipv>_frag_fuzz_id_<proto>.pcap: multiple fragmented packets with IP ID fuzzed
  • <ipv>_frag_fuzz_offset_<proto>.pcap: multiple fragmented packets with fragment offset fuzzed
  • <ipv>_frag_fuzz_proto_<proto>.pcap: multiple fragmented packets with IP protocol fuzzed
  • <ipv>_frag_fuzz_src_<proto>.pcap: multiple fragmented packets with source address fuzzed
  • <ipv>_frag_nomf_<proto>.pcap: remove MF (more fragments) flag from one fragment (not last)
  • <ipv>_frag_offset_offbyone1_<proto>.pcap: one fragment with offset of by one (+1)
  • <ipv>_frag_offset_offbyone2_<proto>.pcap: one fragment with offset of by one (-1)
  • <ipv>_frag_order_<proto>.pcap: multiple packets with fragments in asc, desc and random order
  • <ipv>_frag_skip_first_<proto>.pcap: a fragmented packet without the first fragment
  • <ipv>_frag_skip_last_<proto>.pcap: a fragmented packet without the last fragment
  • <ipv>_frag_skip_middle_<proto>.pcap: a fragmented packet without a fragment in the "middle"
  • <ipv>_tcp_opts_tcp.pcap: a packet with TCP options

Different PCAPs are generated based on IP version and protocol:

  • <ipv>: v4 or v6
  • <proto>: udp or tcp

Build

git submodule update --init
make

Note: See Makefile for various options when generating packets.

Dependencies

  • python

Static PCAPs