Convert Figma logo to code with AI

fortra logoimpacket

Impacket is a collection of Python classes for working with network protocols.

13,272
3,535
13,272
325
View on GitHub

Top Related Projects

fortra's avatar

impacket

13,272

Impacket is a collection of Python classes for working with network protocols.

byt3bl33d3r's avatar

CrackMapExec

8,349

A swiss army knife for pentesting networks

lgandx's avatar

Responder

5,320

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

Quick Overview

Impacket is a collection of Python classes for working with network protocols. It provides a consistent and low-level programmatic interface to various protocols used in network security testing and exploitation. Impacket is widely used in penetration testing and security research.

Pros

  • Comprehensive support for a wide range of network protocols
  • Well-documented and actively maintained
  • Provides both high-level and low-level APIs for flexibility
  • Includes ready-to-use example scripts for common tasks

Cons

  • Steep learning curve for beginners
  • Some dependencies may require manual installation
  • Can be used maliciously if not handled responsibly
  • Performance may be slower compared to compiled alternatives for certain operations

Code Examples

  1. Creating an SMB connection:
from impacket.smbconnection import SMBConnection

conn = SMBConnection(remoteName, remoteHost, timeout=5)
conn.login(username, password)
  1. Performing NTLM authentication:
from impacket.ntlm import getNTLM

type1 = getNTLM(flags)
type3 = getNTLM(flags, user, password, domain, lmhash, nthash, target)
  1. Sending a DCE/RPC request:
from impacket.dcerpc.v5 import transport, scmr

rpctransport = transport.DCERPCTransportFactory(r"ncacn_np:%s[\pipe\svcctl]" % target)
dce = rpctransport.get_dce_rpc()
dce.connect()
dce.bind(scmr.MSRPC_UUID_SCMR)

request = scmr.OpenSCManagerW()
resp = dce.request(request)

Getting Started

  1. Install Impacket:

    pip install impacket

  2. Import required modules:

    from impacket import smbconnection, ntlm, dcerpc

  3. Use Impacket classes and functions in your scripts:

    conn = smbconnection.SMBConnection(remoteName, remoteHost)
conn.login(username, password)
shares = conn.listShares()

  4. Explore example scripts in the Impacket repository for more advanced usage and specific protocol implementations.

Competitor Comparisons

fortra logo

impacket

13,272

Impacket is a collection of Python classes for working with network protocols.

Pros of impacket

  • Identical repository content and functionality
  • Same active development and maintenance
  • Equivalent community support and contributions

Cons of impacket

  • No unique disadvantages compared to the other repository
  • Identical potential security vulnerabilities
  • Same learning curve for new users

Code comparison

Both repositories contain identical code, as they are the same project. Here's a sample from both:

class SMB(PacketSocket):
    def __init__(self, remote_name, remote_host, my_name=None, host_type=nmb.TYPE_SERVER, sess_port=445, timeout=None):
        PacketSocket.__init__(self, timeout)
        self._remote_name = remote_name
        self._remote_host = remote_host
        self._my_name = my_name
        self._sess_port = sess_port
        self._host_type = host_type

As the repositories are identical, there are no meaningful differences to compare in terms of code structure, style, or functionality.

byt3bl33d3r logo

CrackMapExec

8,349

A swiss army knife for pentesting networks

Pros of CrackMapExec

  • More user-friendly and streamlined for pentesting workflows
  • Includes built-in modules for common attack scenarios
  • Offers a more comprehensive suite of post-exploitation tools

Cons of CrackMapExec

  • Less flexible for custom protocol implementations
  • Smaller community and fewer contributors
  • More focused on Windows environments, potentially limiting cross-platform usage

Code Comparison

CrackMapExec example:

from crackmapexec import connection
conn = connection.Connection('192.168.1.100', 'username', 'password')
conn.login()
conn.execute('whoami')

Impacket example:

from impacket.smbconnection import SMBConnection
conn = SMBConnection('192.168.1.100', '192.168.1.100')
conn.login('username', 'password')
conn.executeRemote('whoami')

Both libraries provide similar functionality for connecting to and interacting with remote systems. However, CrackMapExec offers a more abstracted interface tailored for pentesting, while Impacket provides lower-level access to network protocols, allowing for more customization but requiring more detailed implementation.

lgandx logo

Responder

5,320

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

Pros of Responder

  • Specialized focus on network poisoning and NTLM credential capturing
  • User-friendly command-line interface for quick setup and execution
  • Built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication servers

Cons of Responder

  • Limited scope compared to Impacket's broader functionality
  • Less flexibility for custom protocol implementations
  • Fewer options for low-level network manipulation

Code Comparison

Responder (Python):

def start_responder():
    servers = [
        HTTP, SMB, MSSQL, FTP, LDAP
    ]
    for server in servers:
        thread = Thread(target=server.start)
        thread.daemon = True
        thread.start()

Impacket (Python):

def send_smb_packet(connection, packet):
    connection.sendSMB(packet)
    recvPacket = connection.recvSMB()
    return recvPacket

Summary

Responder is a specialized tool for network poisoning and credential capturing, offering a user-friendly interface and built-in rogue servers. Impacket, on the other hand, provides a comprehensive set of tools for low-level network protocol manipulation, offering greater flexibility and broader functionality. While Responder excels in its specific use case, Impacket is more versatile for various network-related tasks and custom implementations.

Convert Figma logo designs to code with AI

Visual Copilot

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

README

Impacket

Latest Version Build and test Impacket

Copyright Fortra, LLC and its affiliated companies. All rights reserved.

Impacket was originally created by SecureAuth, and now maintained by Fortra's Core Security.

Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and for some protocols (e.g. SMB1-3 and MSRPC) the protocol implementation itself. Packets can be constructed from scratch, as well as parsed from raw data, and the object-oriented API makes it simple to work with deep hierarchies of protocols. The library provides a set of tools as examples of what can be done within the context of this library.

What protocols are featured?

  • Ethernet, Linux "Cooked" capture.
  • IP, TCP, UDP, ICMP, IGMP, ARP.
  • IPv4 and IPv6 Support.
  • NMB and SMB1, SMB2 and SMB3 (high-level implementations).
  • MSRPC version 5, over different transports: TCP, SMB/TCP, SMB/NetBIOS and HTTP.
  • Plain, NTLM and Kerberos authentications, using password/hashes/tickets/keys.
  • Portions/full implementation of the following MSRPC interfaces: EPM, DTYPES, LSAD, LSAT, NRPC, RRP, SAMR, SRVS, WKST, SCMR, BKRP, DHCPM, EVEN6, MGMT, SASEC, TSCH, DCOM, WMI, OXABREF, NSPI, OXNSPI.
  • Portions of TDS (MSSQL) and LDAP protocol implementations.

Maintainer

Core Security

Table of Contents

Getting Impacket

Latest version

  • Impacket v0.12.0

    Python versions

Current and past releases

Development version

Setup

Quick start

:information_source: We recommend using pipx over pip for system-wide installations.

In order to grab the latest stable release run:

python3 -m pipx install impacket

If you want to play with the unreleased changes, download the development version from the master branch, extract the package, and execute the following command from the directory where Impacket has been unpacked:

python3 -m pipx install .

Docker Support

Build Impacket's image:

  $ docker build -t "impacket:latest" .

Using Impacket's image:

  $ docker run -it --rm "impacket:latest"

Testing

The library leverages the pytest framework for organizing and marking test cases, tox to automate the process of running them across supported Python versions, and coverage to obtain coverage statistics.

A comprehensive testing guide is available.

Licensing

This software is provided under a slightly modified version of the Apache Software License. See the accompanying LICENSE file for more information.

SMBv1 and NetBIOS support based on Pysmb by Michael Teo.

Disclaimer

The spirit of this Open Source initiative is to help security researchers, and the community, speed up research and educational activities related to the implementation of networking protocols and stacks.

The information in this repository is for research and educational purposes and not meant to be used in production environments and/or as part of commercial products.

If you desire to use this code or some part of it for your own uses, we recommend applying proper security development life cycle and secure coding practices, as well as generate and track the respective indicators of compromise according to your needs.

Contact Us

Whether you want to report a bug, send a patch, or give some suggestions on this package, reach out to us at https://www.coresecurity.com/about/contact.

For security-related questions check our security policy.