Scapy

Changelog

Scapy v2.5.0 is the last version to support Python 2.7

Main Changes

- **Type hinting of Scapy core**: Scapy now provides type hintings for [all of its core](https://github.com/secdev/scapy/issues/2158)
- **Python 3.9 and 3.10 support**
- macOS 10.15 support
- update built-in dependencies (six) + and our cryptography imports that created warnings
- fix sniffing performance issues with 2.4.4+ on Windows
- greatly improve BPF (macOS) support (timestamps...)
- enhanced loopback interface support on Linux, *BSD, and Windows
- SPDX License identifiers added
- several **major CLI improvements**, especially in **autocompletion**: you can now auto-complete the names for all Scapy fields, automatons, answering machines thanks to signature injection (and patches in IPython/bpython)

Core

- improved support of BPF
- support **pcapng writing**, comments, TLS secrets decryption block
- Re-work how `sent_time` is shared across packets iterators
- support new LINUX_SLL2 packet type (new tcpdump versions)
- pipes: performances issues fixed
- tools: fixes to hexdiff, lhex...
- **[breaking]** `FlagsField` in dict mode now uses values instead of offsets

Layers

- new layers related to Windows: DCERPC/NTLM/KERBEROS/GSSAPI/SPNEGO/(C)LDAP.
- new contrib layers: ESMC/RTPS/RTPC/metawatch
- rework Netbios/SMB1/SMB2, basic SMB clients & server, ntlm relay
- several fixes to the TLS implementation
- major zigbee/6lowpan improvements
- bug fixes in TLS: properly support FFDH, fix the TLS 1.3 notebooks... among other things
- p0f module update
- IPsec: fixes, x25519 support...
- various updates to the ASN.1 engine
- IKEv2: fixes, UDP encapsulation
- STUN support
- Postgres line protocol 3.0 support
- EDNS0 client subnet support
- ESMC protocol added
- support TCP-MD5 and TCP-AO options
- ERF Ethernet Support
- many fixes: modbus, 802.11, BTLE, SCTP, DNS, LLDP, Kerberos, RTPS, DHCP, MQTT, BGP, L2TP...

Automotive

- ISOTPSoftSocket: Bug fixes and performance improvements
- Documentation and API-Doc improvements
- Unit-Test speedups for Scanners
- IPv6 support for DoIP
- Bugfixes for DoIP
- Unit-Test cleanups
- UDS-, GMLAN- and OBD-Scanner refactoring
- CANFD support

Misc

- new sanity rules prevent fields from having the same name in all packets
- Currently displays a warning but will become a SyntaxError in the future!
- archives of the Scapy repo should now have more consistent hashes

Main Changes

Changelog

Core

- [354 commits to master](https://github.com/secdev/scapy/compare/v2.4.4...v2.4.5) since v2.4.4, from 73 contributors
- **Python 3.9 support**
- New interfaces system. `conf.iface` is now an object (retro-compatible as a string) which contains additional information about the interface and allows for an automatic selection of the socket type. `conf.ifaces` now lists all available interfaces.
- Fix *BSD support. Improve filters handling on Linux and `libpcap`
- Automaton: support for `STOP` event - allows to cleanly end an Automata. Implemented in all Scapy's automatons
- [Deprecated] Naming different fields with the same name will now raise a deprecation warning. This behavior has never properly worked and should never be necessary
- Enhance `Net` and `Net6`
- Improvements to scapy's logging, colored output and to UTscapy
- Fix edge-cases with `ConditionalField` and `MultipleTypeField` to make them more resilient
- [Doc] Enhancements: improved `MultipleTypeField` handling, add `view source`.
- [Internal] Move the test suite to GitHub Actions
- [Internal] Unit test housekeeping
- [Internal] Begin type hinting

Layers

- 6LoWPAN refactor
- TLS improvements (TLS 1.3 server downgrade, TLS 1.2 EXT MS...)
- HTTP improvements (http_request, support for zstd...)
- Refactor TunTap support
- Cleanup MACsec
- Many small bug fixes or improvements to layers (SMB2, BFD, DNS, Zigbee, EAP, HomeplugGP, DHCPv6, 802.11...)

Automotive

- Renaming of ENET to HSFZ
- Added XCP layer
- Added DoIP layer
- [Internal] Cleanup of interface preparation code in unit tests
- Renaming of ECU to Ecu
- Refactoring of EcuState class to be more versatile
- [Internal] Started with typing
- [Internal] Multiple minor cleanups
- Minor updates to the documentation

Main Changes

Core

- [784 commits to master](https://github.com/secdev/scapy/compare/v2.4.3...v2.4.4) since this v2.4.3
- fix how timestamps are measured on layer 3 (broken since 2.4.1)
- drop DNET support (deprecated since 2.4.0)
- Scapy will now use `libpcap` instead of `tcpdump` to compile the filters (`tcpdump` is still used to filter pcaps)
- major changes to the online doc: add an automatically generated [API reference](https://scapy.readthedocs.io/en/latest/api/scapy.html) with visual representation of each layer, move to Sphinx 3.0.0, new layer-specific doc...
- *BSD fixes
- more doc to many functions

Layers

- New layers (homeplug sg, smb2, NSH, RPL, ERSPAN, BFD, ROCE...)
- TLS: TLS 1.3 support & many fixes
- 802.11 improvements / WPA3 detection
- Netflow 9 fixes
- Major refactor & changes of the Automotive layers
- HTTP changes
- DHCPv6 fixes according to revision of the RFC
- Bluetooth improvements (+BLE)
- minor fixes to Radius, PPP, GTP, IPsec, CDP, VTP, HTTP/2, ...

Main Changes

Core

- 364 commits since v2.4.2
- better native support for FreeBSD, NetBSD, OpenBSD
- Windows: native RAW sockets support, load interfaces/routes using C calls, ...
- Solaris: fixed support
- latency improvements
- `sniff()` can be used to test BPF fiters on pcap files
- more unit tests and Python3 compatibility
- asynchronous sniffing
- UTScapy vim syntax highlighting
- drop distutils for setuptools
- Console / IPython integration improvements

Layers

Major changes

New

- HTTP (from the deprecated `scapy-http` module), TLS 1.3, ATA over Ethernet, OVD, IEC 60870-5-104, enip, ...

Improved

- NetflowV9, ISOTP, Zigbee, RTR, BLE, PPI, DNS, LLDP, ...
- Bluetooth/BTLE rework
- PPI / 802.11 improvements

Main changes

- Gabriel Potter is officially part of the Scapy maintainers team
- PEP08 compliance (see 1277)
- Speed improvements (see 642)

Core

- 253 merged pull requests since v2.4.0
- Python 3.7 support
- Enhanced Windows support
- unit testing is now 100% tox based

Layers

Major changes

- Many automotive related layers added (ISO-TP...)

New

- EtherCat
- OPCDA
- SOCKS
- USBpcap
- RPKI

Improved

- MACsec, MQTT, MPLS, DNS, ARP, Dot15d4, Zigbee, Bluetooth4LE, RadioTap ...
- Enhanced monitor mode support

Other

- addresses [a v2.4.0 vulnerability](https://github.com/secdev/scapy/security/advisories/GHSA-q5wg-mj9r-hp59)

Main changes

- Python3 support
- 85% code coverage


Core

- Pcap/PcapNg improvements
- enhanced Windows support
- OpenBSD improvements
- OSX 802.11 monitor mode
- Krack AP module
- iPython support
- automatically tested on Linux, OSX & Windows
- ...


Layers

Major changes

TLS (including TLS1.3), X.509 ...

New
HTTP/2, EAP-TTLS, TACACS, MQTT ...

Improved
IPv6, SCTP, NTP, PPTP, CDP, BGP, ISIS ...