Skip to content
A command-line network packet crafting and injection utility
C Makefile Other
Branch: master
Clone or download
troglobit Update ChangeLog and bump version for v1.6 release
Signed-off-by: Joachim Nilsson <>
Latest commit f4d4e2f Jun 16, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.
debian Update ChangeLog and bump version for v1.6 release Jun 16, 2019
docs Add recommendations to contributing to Nemesis May 10, 2018
man Update references to other nemesis man pages Jun 15, 2019
src nemesis: dhcp: Finalize DHCP support Jun 14, 2019
.clang-format Fix clang-format formatting of pointer alignment Apr 22, 2018
.gitignore Minor update Apr 25, 2019
.travis.yml Travis-CI: Restore clang build after Coverity Scan run May 10, 2018 Update ChangeLog and bump version for v1.6 release Jun 16, 2019
LICENSE Change to itemized from numbered list of conditions, plus whitespace Apr 5, 2018 Fix bogus release target md5 warning and add package target May 10, 2018 Note: Windows build has not been tested in over a decade ... Jun 12, 2019 Remove generated files, use to create Apr 8, 2018 Update ChangeLog and bump version for v1.6 release Jun 16, 2019 Clean out old CVS $ tags May 2, 2018

N E M E S I S - Crafting & Injection

License Badge Travis Status Coverity Status

The Nemesis Project is designed to be a command line based, portable human IP stack for UNIX-like and Windows systems. The suite is broken down by protocol, and should allow for useful scripting of injected packets from simple shell scripts.

The latest release is always available from GitHub at

Key Features

  • ARP/RARP, DNS, ETHERNET, ICMP, IGMP, IP, OSPF, RIP, TCP and UDP protocol support
  • Layer 2 or Layer 3 injection on UNIX-like systems
  • Layer 2 injection (only) on Windows systems
  • Packet payload from file
  • IP and TCP options from file
  • Tested on OpenBSD, Linux, Solaris, Mac OS X and Windows 2000

Each supported protocol uses its own protocol "injector" which is accompanied by a man page explaining its functionality.

Consult the ChangeLog for release details, and the documentation for each protocol injector for in-depth descriptions of the available functionality.


  • Inject malformed ICMP redirect

      sudo nemesis icmp -S -D -G -i 5
  • DHCP Discover (must use sudo and -d to send with source IP

      sudo nemesis dhcp -d eth0
  • IGMP v2 join for group

      sudo nemesis igmp -v -p 22 -S -i -D
  • IGMP v2 query, max resp. time 10 sec, with Router Alert IP option

      echo -ne '\x94\x04\x00\x00' >RA
      sudo nemesis igmp -v -p 0x11 -c 100 -D -O RA


      echo -ne '\x94\x04\x00\x00' | sudo nemesis igmp -v -p 0x11 -c 100 -D -O -
  • IGMP v3 query, with Router Alert IP option

      echo -ne '\x03\x64\x00\x00' > v3
      sudo nemesis igmp -p 0x11 -c 100 -i -P v3 -D -O RA
  • Random TCP packet

      sudo nemesis tcp
  • DoS and DDoS testing

      sudo nemesis tcp -v -S -D -fSA -y 22 -P foo
      sudo nemesis udp -v -S -D -x 11111 -y 53 -P bindpkt
      sudo nemesis icmp redirect -S -D -G -qR
      sudo nemesis arp -v -d eth0 -H 0:1:2:3:4:5 -S -D

Build & Install

Nemesis is built around libnet. Windows platform builds require libpcap as well. Nemesis <= 1.4 was built around libnet 1.0 and Nemesis >= 1.5 require libnet 1.1, or later.

On Debian and Ubuntu derived GNU/Linux systems:

sudo apt install libnet1-dev

This installs the libnet headers and library in a standard location which the configure script easily can find. Should your libnet1 installation be in a non-standard location you can provide the paths like this:

configure LDFLAGS=-L/path/to/lib CPPFLAGS=-I/path/to/header

The GNU Configure & Build system use /usr/local as the default install prefix. Usually this is sufficient, the below example installs to /usr instead:

tar xf nemesis-1.5.tar.xz
cd nemesis-1.5/
./configure --prefix=/usr
make -j5
sudo make install-strip

Installing on Windows

nemesis.exe can be installed anywhere on a Windows system. The caveat is that LibnetNT.dll must exist either in the same directory as nemesis.exe or in any of the directories listed in the %PATH% variable. On Windows 2000 this would be %SystemRoot%\System32

Note: the windows build has not been tried or tested in over a decade. YYMV

Building from GIT

If you want to contribute, or simply want to try out the latest but still unreleased features, then you need to know a few things about the GNU Configure & Build system:

  • and a per-directory are key files
  • configure and are generated from, they are not stored in GIT but automatically generated for the release tarballs
  • Makefile is generated by configure script

To build from GIT you first need to clone the repository and run the script. This requires automake and autoconf to be installed on your system.

git clone
cd nemesis/
./configure && make

GIT sources are a moving target and are not recommended for production systems, unless you know what you are doing!

Origin & References

  • 1999: Nemesis was created by Mark Grimes
  • 2001: Jeff Nathan took over maintainership
  • 2018: Project resurrected by Joachim Nilsson

The project is currently maintained at GitHub with the intention to serve as a focal point for new development. If you have patches and/or ideas, please submit them using the issue tracker or as pull requests.

You can’t perform that action at this time.