LSE toolsLSE tools0trace.py (299)0trace.py (299)

Tool and Usage

The 0trace.py utility is a rewrite of 0trace (by another author) to perform reconnaissance and bypass network firewalls.


This security tool enables the user to perform hop enumeration (similar to traceroute). Instead of sending actual packets, it uses an established TCP connection.

Why this tool?

The 0trace utility is useful to perform reconnaissance. For example, to see if additional data can be gathered about the network and its devices.

How it works

The benefit of using an established connection is staying off the radar of a firewall. This technique works due to the session being already in a connection table. By using the existing connection and send TTL-based probes, no suspicion will be raised.

Additional information

0trace.py is a remake by Jon Oberheide of the original 0trace tool by Michal Zalewski.

Usage and audience

0trace.py is commonly used for bypassing security measures or reconnaissance. Target users for this tool are pentesters and security professionals.



Several dependencies are required to use 0trace.py.

  • dnet
  • dpkt
  • pypcap

0trace.py alternatives

See also:

More alternative tools for 0trace.py

This tool page was recently updated. Found an improvement? Become an influencer and submit an update.
Project details
Latest releaseNo release found
Last updatedSept. 17, 2017

Project health

This score is calculated by different factors, like project age, last release date, etc.


 0trace.py project website

Related terms