Packet Batch
A collection of high-performance applications and tools designed for sending network packets. It serves two main purposes: penetration testing, which involves assessing network security by simulating various attacks like Denial of Service (DoS); and network monitoring, which involves analyzing and inspecting network traffic.
Among these applications, two stand out as they utilize AF_XDP (eXpress Data Path) and the DPDK (Data Plane Development Kit) technologies. AF_XDP is a fast and efficient network socket technology, while the DPDK is a kernel-bypass framework that allows for optimized packet processing in the user space.
By leveraging AF_XDP and the DPDK, these special applications can generate a significant amount of network traffic, making the most out of the available hardware resources.
With that said, if these applications are launched from multiple sources to the same network/IP address, it is considered a Distributed Denial of Service (DDoS) attack.
These applications allow you to customize many of the packet's contents, including layer 2/3/4 headers and payload data, and to launch different types of attacks at once or in a chain via sequences.
NOTE - This project was inspired by my previous Packet Sequence project. Packet Sequence only supports AF_PACKETv3 Linux sockets, though.
A revamp is in progress that'll combine all packet processing technologies listed below into one main program. At this time, the revamp is not completed, but you may notice some repositories are marked as old (these are mostly unsupported).
Development of this revamp can be found in this branch! Each packet processing tech will be stored as a separate repository in Packet Batch's organization, prefixed with tech-.
As mentioned above, there are three applications for this project: Standard, AF_XDP, and DPDK.
- Standard - Utilizes AF_PACKET Linux sockets and supports TCP cooked sockets for establishing TCP connections automatically.
- AF_XDP - Uses AF_XDP Linux sockets, which are faster than AF_PACKETv3, but doesn't support TCP cooked sockets.
- DPDK - Uses the DPDK, which is faster than other applications, but since the DPDK is a kernel-bypass library, it is harder to set up and only supports certain hardware. The tool also doesn't support TCP cooked sockets.
If Packet Batch does not meet your expectations/needs, there are other tools that may accomplish what you're looking for, so I wanted to list them here. I will build this list as time goes on and if you have any suggestions, please feel free to reach out to me!
Repositories
- tech-afxdp Public
A small C API that interacts with AF_XDP sockets. Will be used with upcoming Packet Batch revamp and a work-in-progress!
- old-standard Public archive
Packet Batch's old standard program. An application that utilizes AF_PACKET Linux sockets to send network packets with TCP cooked socket support. Used for penetration testing including Denial of Service (DoS), and network monitoring.