Low-Level Packet
Manipulation for Nim

Direct byte-level control over network packets. Built for security research, penetration testing, and custom network tools.

View on GitHub Get Started
packet_craft.nim 
import nimpacket

# Create a TCP SYN packet
let ipv4 = IPv4Header(
  srcIP: parseIPv4("192.168.1.100"),
  dstIP: parseIPv4("10.0.0.1"),
  protocol: IPPROTO_TCP
)

let tcp = TCPHeader(
  srcPort: 12345,
  dstPort: 80,
  flags: TCP_SYN
)

# Stack layers and serialize
let packet = (ipv4 / tcp).toBytes()
echo "Packet ready: ", packet.len, " bytes"

// Core Features

[ 01 ]

Full Protocol Support

Ethernet, ARP, IPv4, TCP, UDP, ICMP. Complete control over every header field.

[ 02 ]

Layer Stacking

Intuitive / operator to combine layers. Build complex packets with clean syntax.

[ 03 ]

Zero Dependencies

Pure Nim implementation. No external libraries required. Easy to audit and deploy.

[ 04 ]

Native Performance

Compiles to machine code. Optimized checksums. Minimal memory allocations.

[ 05 ]

Type Safety

Compile-time checks prevent common errors. Structured types over raw byte arrays.

[ 06 ]

Bidirectional

Craft packets from scratch or parse raw bytes. Full serialization support.

[ 07 ]

IP Fragmentation

5 advanced evasion strategies: TinyFragments, OverlapPoison, OutOfOrder, TimeDelayed, PolymorphicRandom.

// NimPacket vs Scapy

Feature NimPacket Scapy
Performance Native (Fast) Interpreted (Slow)
Dependencies Zero Many (Python ecosystem)
Type Safety Strong (Compile-time) Weak (Runtime)
Binary Size Small (~KB) Large (Python + libs)
Learning Curve Low Low
Protocol Coverage Core protocols Extensive
Packet Capture Manual (raw sockets) Built-in
Security Auditing Easy (673 lines) Complex (large codebase)

Use NimPacket When:

  • + Performance matters
  • + You need type safety
  • + Building security tools in Nim
  • + Want minimal dependencies
  • + Core protocols are sufficient
  • + Need to audit the code

Use Scapy When:

  • + Need extensive protocol support
  • + Require packet capture features
  • + Interactive exploration needed
  • + Python ecosystem is required
  • + Prototyping and testing
  • + Performance is not critical

// Quick Start

[ Installation ]

$ nimble install nimpacket

[ Basic Usage ]

import nimpacket

# Create IPv4 header
let ip = IPv4Header(
  srcIP: parseIPv4("192.168.1.1"),
  dstIP: parseIPv4("8.8.8.8"),
  protocol: IPPROTO_UDP
)

# Create UDP header
let udp = UDPHeader(
  srcPort: 5353,
  dstPort: 53
)

# Stack and serialize
let packet = (ip / udp).toBytes()

[ Parse Packets ]

let parsed = parsePacket(rawBytes)
if parsed.ipv4Header.isSome:
  echo "Source: ", parsed.ipv4Header.get.srcIP
if parsed.tcpHeader.isSome:
  echo "Port: ", parsed.tcpHeader.get.dstPort

// Use Cases

Port Scanning

Craft custom TCP SYN packets for fast port discovery. Build stealth scanners with precise control over packet fields.

Network Discovery

Send ARP requests to map network topology. Identify active hosts and their MAC addresses.

Protocol Testing

Test network applications by sending malformed or edge-case packets. Validate protocol implementations.

Security Research

Analyze packet structures, test firewall rules, and develop custom network security tools.

IDS/IPS Evasion

Test detection systems with IP fragmentation techniques. Evaluate security controls with advanced evasion strategies.

// Documentation

Comprehensive guides, API reference, and examples available on GitHub. Includes working demos for common network tools.

Read Full Documentation →