Analysis updated 2026-06-24
Write a script that authenticates to a Windows host with NTLM hash and runs a remote command.
Sniff and parse Kerberos traffic on a lab network to study ticket structure.
Build a custom SMB client that lists shares and reads files from a target.
Query LDAP for domain user and group enumeration during an authorized pentest.
| fortra/impacket | wan-video/wan2.2 | microsoft/bringing-old-photos-back-to-life | |
|---|---|---|---|
| Stars | 15,708 | 15,713 | 15,694 |
| Language | Python | Python | Python |
| Setup difficulty | moderate | hard | hard |
| Complexity | 4/5 | 4/5 | 4/5 |
| Audience | developer | researcher | general |
Figures from each repo's GitHub metadata at analysis time.
Pip-installable but most useful examples assume a target Windows lab environment and valid credentials.
Impacket is a Python library used by security researchers and penetration testers (professionals hired to find weaknesses in computer systems) to interact with low-level network protocols. Network protocols are the rules that computers use to communicate, things like how files are shared, how authentication works, and how devices find each other on a network. The library provides detailed, programmable access to a wide range of protocols used mainly in Windows and enterprise networking environments: SMB (the protocol Windows uses for file sharing), Kerberos and NTLM (Windows authentication systems), MSRPC (a system for calling procedures on remote machines), NetBIOS (a legacy network naming system), and partial support for SQL Server (TDS) and directory services (LDAP). In practice, Impacket is used to build security testing tools, for example, simulating attacks like "pass-the-hash" (reusing captured authentication credentials without knowing the actual password), querying remote Windows systems, or inspecting how authentication traffic is structured. It is not designed for production use in commercial products, and the project's stated purpose is research and education. You would use Impacket if you are a security researcher, a penetration tester testing Windows environments, or a developer studying network protocol implementations. It is written in Python and installable via the standard Python package manager (pip or pipx). It is maintained by Fortra's Core Security team.
Python library for working with Windows and enterprise network protocols like SMB, Kerberos, NTLM, MSRPC, and LDAP, used by security researchers and pentesters.
Mainly Python. The stack also includes Python, SMB, Kerberos.
Custom Impacket license based on Apache-style permissive terms allows use, modification, and redistribution with attribution, not intended for commercial product embedding.
Setup difficulty is rated moderate, with roughly 30min to a first successful run.
Mainly developer.
This repo across BitVibe Labs
Verify against the repo before relying on details.