scapy.layers.http

HTTP 1.0 layer.

Load using:

>>> load_layer("http")

Note that this layer ISN’T loaded by default, as quite experimental for now.

To follow HTTP packets streams = group packets together to get the whole request/answer, use TCPSession as:

>>> sniff(session=TCPSession)  # Live on-the-flow session
>>> sniff(offline="./http_chunk.pcap", session=TCPSession)  # pcap

This will decode HTTP packets using Content_Length or chunks, and will also decompress the packets when needed. Note: on failure, decompression will be ignored.

You can turn auto-decompression/auto-compression off with:

>>> conf.contribs["http"]["auto_compression"] = True
class scapy.layers.http.HTTP

Bases: scapy.packet.Packet

aliastypes
classmethod dispatch_hook(_pkt=None, *args, **kargs)
fields_desc
guess_payload_class(payload)

Decides if the payload is an HTTP Request or Response, or something else.

show_indent = 0
classmethod tcp_reassemble(data, metadata)
class scapy.layers.http.HTTPRequest

Bases: scapy.layers.http._HTTPContent

aliastypes
do_dissect(s)

From the HTTP packet string, populate the scapy object

fields_desc
HTTPRequest fields

Method

_HTTPHeaderField

b'GET'

Path

_HTTPHeaderField

b'/'

Http_Version

_HTTPHeaderField

b'HTTP/1.1'

A_IM

_HTTPHeaderField

None

Accept

_HTTPHeaderField

None

Accept_Charset

_HTTPHeaderField

None

Accept_Datetime

_HTTPHeaderField

None

Accept_Encoding

_HTTPHeaderField

None

Accept_Language

_HTTPHeaderField

None

Access_Control_Request_Headers

_HTTPHeaderField

None

Access_Control_Request_Method

_HTTPHeaderField

None

Authorization

_HTTPHeaderField

None

Cache_Control

_HTTPHeaderField

None

Connection

_HTTPHeaderField

None

Content_Length

_HTTPHeaderField

None

Content_MD5

_HTTPHeaderField

None

Content_Type

_HTTPHeaderField

None

Cookie

_HTTPHeaderField

None

DNT

_HTTPHeaderField

None

Date

_HTTPHeaderField

None

Expect

_HTTPHeaderField

None

Forwarded

_HTTPHeaderField

None

From

_HTTPHeaderField

None

Front_End_Https

_HTTPHeaderField

None

HTTP2_Settings

_HTTPHeaderField

None

Host

_HTTPHeaderField

None

If_Match

_HTTPHeaderField

None

If_Modified_Since

_HTTPHeaderField

None

If_None_Match

_HTTPHeaderField

None

If_Range

_HTTPHeaderField

None

If_Unmodified_Since

_HTTPHeaderField

None

Keep_Alive

_HTTPHeaderField

None

Max_Forwards

_HTTPHeaderField

None

Origin

_HTTPHeaderField

None

Permanent

_HTTPHeaderField

None

Pragma

_HTTPHeaderField

None

Proxy_Authorization

_HTTPHeaderField

None

Proxy_Connection

_HTTPHeaderField

None

Range

_HTTPHeaderField

None

Referer

_HTTPHeaderField

None

Save_Data

_HTTPHeaderField

None

TE

_HTTPHeaderField

None

Upgrade

_HTTPHeaderField

None

Upgrade_Insecure_Requests

_HTTPHeaderField

None

Upgrade_Insecure_Requests

_HTTPHeaderField

None

User_Agent

_HTTPHeaderField

None

Via

_HTTPHeaderField

None

Warning

_HTTPHeaderField

None

X_ATT_DeviceId

_HTTPHeaderField

None

X_Correlation_ID

_HTTPHeaderField

None

X_Csrf_Token

_HTTPHeaderField

None

X_Forwarded_For

_HTTPHeaderField

None

X_Forwarded_Host

_HTTPHeaderField

None

X_Forwarded_Proto

_HTTPHeaderField

None

X_Http_Method_Override

_HTTPHeaderField

None

X_Request_ID

_HTTPHeaderField

None

X_Requested_With

_HTTPHeaderField

None

X_UIDH

_HTTPHeaderField

None

X_Wap_Profile

_HTTPHeaderField

None

Unknown_Headers

_HTTPHeaderField

None

mysummary()
class scapy.layers.http.HTTPResponse

Bases: scapy.layers.http._HTTPContent

aliastypes
answers(other)
do_dissect(s)

From the HTTP packet string, populate the scapy object

fields_desc
HTTPResponse fields

Http_Version

_HTTPHeaderField

b'HTTP/1.1'

Status_Code

_HTTPHeaderField

b'200'

Reason_Phrase

_HTTPHeaderField

b'OK'

Accept_Patch

_HTTPHeaderField

None

Accept_Ranges

_HTTPHeaderField

None

Access_Control_Allow_Credentials

_HTTPHeaderField

None

Access_Control_Allow_Headers

_HTTPHeaderField

None

Access_Control_Allow_Methods

_HTTPHeaderField

None

Access_Control_Allow_Origin

_HTTPHeaderField

None

Access_Control_Expose_Headers

_HTTPHeaderField

None

Access_Control_Max_Age

_HTTPHeaderField

None

Age

_HTTPHeaderField

None

Allow

_HTTPHeaderField

None

Alt_Svc

_HTTPHeaderField

None

Cache_Control

_HTTPHeaderField

None

Connection

_HTTPHeaderField

None

Content_Disposition

_HTTPHeaderField

None

Content_Encoding

_HTTPHeaderField

None

Content_Language

_HTTPHeaderField

None

Content_Length

_HTTPHeaderField

None

Content_Location

_HTTPHeaderField

None

Content_MD5

_HTTPHeaderField

None

Content_Range

_HTTPHeaderField

None

Content_Security_Policy

_HTTPHeaderField

None

Content_Type

_HTTPHeaderField

None

Date

_HTTPHeaderField

None

Delta_Base

_HTTPHeaderField

None

ETag

_HTTPHeaderField

None

Expires

_HTTPHeaderField

None

IM

_HTTPHeaderField

None

Keep_Alive

_HTTPHeaderField

None

Last_Modified

_HTTPHeaderField

None

Link

_HTTPHeaderField

None

Location

_HTTPHeaderField

None

P3P

_HTTPHeaderField

None

Permanent

_HTTPHeaderField

None

Permanent

_HTTPHeaderField

None

Pragma

_HTTPHeaderField

None

Proxy_Authenticate

_HTTPHeaderField

None

Public_Key_Pins

_HTTPHeaderField

None

Refresh

_HTTPHeaderField

None

Retry_After

_HTTPHeaderField

None

Server

_HTTPHeaderField

None

Set_Cookie

_HTTPHeaderField

None

Status

_HTTPHeaderField

None

Strict_Transport_Security

_HTTPHeaderField

None

Timing_Allow_Origin

_HTTPHeaderField

None

Tk

_HTTPHeaderField

None

Trailer

_HTTPHeaderField

None

Transfer_Encoding

_HTTPHeaderField

None

Upgrade

_HTTPHeaderField

None

Vary

_HTTPHeaderField

None

Via

_HTTPHeaderField

None

WWW_Authenticate

_HTTPHeaderField

None

Warning

_HTTPHeaderField

None

X_Content_Duration

_HTTPHeaderField

None

X_Content_Security_Policy

_HTTPHeaderField

None

X_Content_Type_Options

_HTTPHeaderField

None

X_Correlation_ID

_HTTPHeaderField

None

X_Frame_Options

_HTTPHeaderField

None

X_Powered_By

_HTTPHeaderField

None

X_Request_ID

_HTTPHeaderField

None

X_UA_Compatible

_HTTPHeaderField

None

X_WebKit_CSP

_HTTPHeaderField

None

X_XSS_Protection

_HTTPHeaderField

None

Unknown_Headers

_HTTPHeaderField

None

mysummary()
scapy.layers.http.http_request(host, path='/', port=80, timeout=3, display=False, verbose=None, **headers)

Util to perform an HTTP request, using the TCP_client.

Parameters
  • host – the host to connect to

  • path – the path of the request (default /)

  • port – the port (default 80)

  • timeout – timeout before None is returned

  • display – display the resullt in the default browser (default False)

  • headers – any additional headers passed to the request

Returns

the HTTPResponse packet