2.7.0 release #4851
Description
Hi everyone ! This issue tracks the associated 2.7.0 release. As usual, feel free to comment down below to have some features/bugs included before the final release.
The current first RC is planned for: 2nd november 2025. You can expect the full release a few days/weeks after that date.
Deprecation notice
- This version will be the last to support Python 3.7 and 3.8. (PEP639 will require a new license format starting in 2026, which isn't supported in the latest version of setuptools available on those older versions of Python.)
CHANGELOG
- [new] ForwardMachine: a new Scapy feature allowing to create a scriptable multi-clients, multi-destination TCP forwarder. It can edit packets on the fly, redirect them to another server, perform TLS interception and more. More details here
- Windows protocols:
- Implementation details in this paper
- SMB:
- Kerberos:
- FAST support
- PKINIT support
- DMSA support
- many improvements to Ticketer++ (see demo below)
- many bug fixes & improvements
- SSPs:
- SPNEGOSSP was re-written for clarity & now enforces proper mechListMIC rules
- NTLMSSP and KerberosSSP were improved. Support for KB5068222 changes. Better error handling.
- NeglogonSSP now supports Kerberos secure channel (Windows 2025+)
- [new] .NET Remoting layer ([MS-NRTP])
- LDAP: many improvements to the client
- [new] graphical LDAP client "ldaphero"
- DCE/RPC
- better handling of contexts
- better handling of fragmentation
- See https://github.com/gpotter2/scapy-rpc for the MIDL -> Scapy compiler
- [new] DCOM is now supported
- [removal]
scapy -shas been removed. - TLS:
- Parsing of CSR structures is now implemented (PKCS#10 and CMC variants)
- Big refactor of the TLS utils to parse certificates, CSRs, keys and manipulate them. See examples in the documentation
- New
CertTreeclass to act as a certificate store one can check a certificate against. - better handling of NSS KeyLog for TLS 1.3 decryption
- doc improvements
- more structures are implemented
- bluetooth:
- MANY new payloads (EIR, BTLE, HCI_MON ...)
- display of vendor IDs
- many other bug fixes & improvements !
- [new]
radiusd(): a small RADIUS server (CHAP / MS-CHAPv2) - [new]
nbns_request: perform a Netbios discovery - [fixed] Scapy was not loading properly on 32bits *BSD plateforms
- ISAKMP / IKEv2: more supported payloads
- [major doc changes] the "Advanced" section of the documentation was split
- [darwin/osx] support TUN interfaces in
TunTapInterface - automaton:
- [new]
spawn(), allowing to serve automatons on a port - support for sessions (e.g.
TCPSession) - many more fixes and performance improvements (unclosed file descriptors could lead to memory leaks)
- [new]
- HTTP:
- server/client improvements
- support custom headers
- support for GSSAPI authentication with channel binding
- session improvements
- and more
- DNS:
- improve
dnsd()relay mode - fix a bug with (de)compression that could occur in certain cases
- [fixed]
dns_resolvenow properly fallbacks on TCP when packets are too big
- improve
- TFTP: improvements of the interface selection in the client/server automatons
- pcapng: support of multiple comments, fixes to bound checks
- [fixed] defragment6 was not working in some cases
- improve handling of newer IPython versions, fix some deprecation warnings
- improve handling of newer cryptography versions, fix some deprecation warnings
- BGP: support reassembly with TCPSession
- NTP: various fixes, big refactor of the layer
- [fixed] AsyncSniffer stop() failed in some cases
- l2: improvements to
arping()on interfaces with no IP addresses - new protocols:
- PSP
- many other bug fixes to: STUN, 6Lowpan, DHCPv6
Demo (vidéos)
- Ticketer++: a module to manipulate Kerberos tickets. documentation
TicketerFirst.mp4
- LdapHéro: a module that implements a graphical LDAP client documentation
ldaphero.mp4
- smbclient: a SMB client (both interactive or programmable) documentation
smbclient.mp4
- smbserver: documentation