
Tcpreplay
Tcpreplay: A Suite of Utilities for Network Traffic Editing and Replay
Tcpreplay is a collection of utilities licensed under GPLv3, designed for UNIX operating systems (and Win32 when using Cygwin). It allows users to edit and replay network traffic that has been previously captured by tools such as tcpdump and Wireshark.
It allows you to classify traffic as either client or server, rewrite Layer 2, 3, and 4 packets, and finally replay the traffic back onto the network. This includes sending it through various devices such as switches, routers, firewalls, Network Intrusion Detection Systems (NIDS), and Intrusion Prevention Systems (IPS). Tcpreplay supports both single and dual NIC modes, enabling testing for both sniffing and in-line devices.
Numerous vendors in the fields of firewall, IDS, IPS, NetFlow, as well as enterprises, universities, labs, and open-source projects utilize Tcpreplay. If your organization uses Tcpreplay, please share your identity and how you use it so that I can continue to add useful features.
Tcpreplay is designed to work with network hardware and typically does not penetrate deeper than Layer 2. Yazan Siam, with sponsorship from Cisco, developed tcpliveplay to replay TCP pcap files directly to servers. Use this utility if you want to test the entire network stack down to the application layer. As of version 4.0, Tcpreplay has been enhanced to address the complexities of...