How to set the Evil Bit on outgoing traffic

Apparently this was actually implemented for FreeBSD - maybe you could look at their code?

http://www.cs.columbia.edu/~smb/3514.html

You have two options:

One is to use https://code.google.com/p/evilbitchanger/ , a scapy based script that does the Evil Bit setting work for you.

The other is to use raw scapy scripting to craft the packets with Evil bit. As documented, Scapy is capable of setting the Evil Bit flag quite easily.

>>> t=TCP()
>>> t.flags="SA"
>>> t.flags 
18
>>> t
<TCP flags=SA |>
>>> t.flags=23
>>> t
<TCP flags=FSRA |>
>>> i=IP(flags="DF+MF")
>>> i.flags
3
>>> i
<IP flags=MF+DF |>
>>> i.flags=6
>>> i
<IP flags=DF+evil |>

Hope this helps.