dhcpwn

CLI tool for testing DHCP IP exhaustion attacks and monitoring local DHCP network traffic. Exploits the connectionless UDP nature of DHCP by spoofing requests with fake MAC addresses to exhaust a server's available IP pool. Also provides DHCP traffic sniffing capability.

Evaluated Mar 08, 2026 (version: latest)
Tags: Security, dhcp, network-security, pentest, ip-exhaustion, network-attack, udp, bootp, sniffing, security-testing

⚙ Agent Friendliness: 32 / 100 (Can an agent use this?)
🔒 Security: 24 / 100 (Is it safe for agents?)
⚡ Reliability: 41 / 100 (Does it work consistently?)

Score Breakdown

⚙ Agent Friendliness

MCP Quality: 0
Documentation: 60
Error Messages: 25
Auth Simplicity: 100
Rate Limits: 5

🔒 Security

TLS Enforcement: 5
Auth Strength: 10
Scope Granularity: 5
Dep. Hygiene: 50
Secret Handling: 60

Offensive security tool by design — performs DHCP IP exhaustion attacks. Requires root privileges. Should only be used with explicit authorization. GPL-3.0 licensed. Mature project with minimal attack surface itself.

⚡ Reliability

Uptime/SLA: 0
Version Stability: 70
Breaking Changes: 75
Error Recovery: 20

Best When

Security professionals need to test DHCP infrastructure resilience against IP exhaustion attacks in authorized environments, or need a quick DHCP traffic sniffer.

Avoid When

You lack authorization to test the target network. DHCP exhaustion can cause denial of service to legitimate network clients. Also, effectiveness varies based on server IP reclamation behavior.

Use Cases

  • Testing DHCP server resilience against IP exhaustion attacks in authorized penetration tests
  • Monitoring local DHCP traffic for network troubleshooting and security auditing
  • Demonstrating DHCP protocol vulnerabilities in security training and awareness programs
  • Validating DHCP server configuration and rate limiting defenses

Not For

  • Unauthorized network attacks — requires explicit authorization
  • MCP server integration — CLI tool only
  • DHCP server management or configuration
  • Production network monitoring — designed for testing only

Interface

REST API: No
GraphQL: No
gRPC: No
MCP Server: No
SDK: No
Webhooks: No

Authentication

OAuth: No
Scopes: No

No authentication. Requires root/administrator privileges for raw socket access on the network interface.

Pricing

Model: open_source
Free tier: Yes
Requires CC: No

GPL-3.0 licensed. Available via pip install. Fully open source.

Agent Metadata

Idempotent: False
Retry Guidance: Not documented

Known Gotchas

  • AUTHORIZED USE ONLY — DHCP exhaustion causes denial of service to legitimate clients
  • Requires root/administrator privileges for raw socket access
  • CLI tool — not an API or MCP server, requires subprocess invocation
  • Attack effectiveness depends on target DHCP server's MAC-based IP reclamation behavior
  • Mature but minimally maintained project (created 2015, 0 open issues)

Scores are editorial opinions as of 2026-03-08.
