The Nemesis Project is designed to be a command line based, portable human IP stack for UNIX-like and Windows systems. The suite is broken down by protocol, and should allow for useful scripting of injected packets from simple shell scripts.

Key Features

• ARP/RARP, DNS, ETHERNET, ICMP, IGMP, IP, OSPF, RIP, TCP and UDP protocol support
• Layer 2 or Layer 3 injection on UNIX-like systems
• Layer 2 injection (only) on Windows systems
• Packet payload from file
• IP and TCP options from file
• Tested on OpenBSD, Linux, Solaris, Mac OS X and Windows 2000

Each supported protocol uses its own protocol "injector" which is accompanied by a man page explaining its functionality.
Consult the ChangeLog for release details, and the documentation for each protocol injector for in-depth descriptions of the available functionality.

Examples

• Inject malformed ICMP redirect
  

    sudo nemesis icmp -S 10.10.10.3 -D 10.10.10.1 -G 10.10.10.3 -i 5

• IGMP v2 join for group 239.186.39.5
  

    sudo nemesis igmp -v -p 22 -S 192.168.1.20 -i 239.186.39.5 -D 239.186.39.5

• IGMP v2 query, max resp. time 10 sec, with Router Alert IP option
  

    echo -ne '\x94\x04\x00\x00' >RA
    sudo nemesis igmp -v -p 0x11 -c 100 -D 224.0.0.1 -O RA

  or
  

    echo -ne '\x94\x04\x00\x00' | sudo nemesis igmp -v -p 0x11 -c 100 -D 224.0.0.1 -O -

• IGMP v3 query, with Router Alert IP option
  

    echo -ne '\x03\x64\x00\x00' > v3
    sudo ./src/nemesis igmp -p 0x11 -c 100 -i 0.0.0.0 -P v3 -D 224.0.0.1 -O RA

• Random TCP packet
  

    sudo nemesis tcp

• DoS and DDoS testing
  

    sudo nemesis tcp -v -S 192.168.1.1 -D 192.168.2.2 -fSA -y 22 -P foo
    sudo nemesis udp -v -S 10.11.12.13 -D 10.1.1.2 -x 11111 -y 53 -P bindpkt
    sudo nemesis icmp redirect -S 10.10.10.3 -D 10.10.10.1 -G 10.10.10.3 -qR
    sudo nemesis arp -v -d ne0 -H 0:1:2:3:4:5 -S 10.11.30.5 -D 10.10.15.1

Build & Install
Nemesis is built around libnet. Windows platform builds require libpcap as well. On Debian and Ubuntu derived GNU/Linux systems:

sudo apt install libnet1-dev

The GNU Configure & Build system use /usr/local as the default install prefix. Usually this is sufficient, the below example installs to /usr instead:

tar xf nemesis-1.5.tar.xz
cd nemesis-1.5/
./configure --prefix=/usr
make -j5
sudo make install-strip

Building from GIT
If you want to contribute, or simply want to try out the latest but still unreleased features, then you need to know a few things about the GNU Configure & Build system:

• configure.ac and a per-directory Makefile.am are key files
• configure and Makefile.in are generated from autogen.sh, they are not stored in GIT but automatically generated for the release tarballs
• Makefile is generated by configure script

To build from GIT you first need to clone the repository and run the autogen.sh script. This requires automake and autoconf to be installed on your system.

git clone https://github.com/troglobit/inadyn.git
cd inadyn/
./autogen.sh
./configure && make

GIT sources are a moving target and are not recommended for production systems, unless you know what you are doing!

Origin & References

• 1999: Nemesis was created by Mark Grimes
• 2001: Jeff Nathan took over maintainership
• 2018: Project resurrected by Joachim Nilsson

The project is currently maintained at GitHub with the intention to serve as a focal point for new development. If you have patches and/or ideas, please submit them using the issue tracker or as pull requests.