Netzob is an open source tool for reverse engineering, traffic generation and fuzzing of communication protocols. It can be used to infer the message format and the state machine of a protocol through passive and active processes. The model can afterward be used to simulate realistic and controllable trafic.
The main features of Netzob are:
- Protocol Vocabulary Modeling and Inference
- Netzob includes a complete model to represents the message format of a protocol (aka its vocabulary). Using specific algorithms, it allows to learn it from provided traces.
- Protocol Grammar Modeling and Inference
- The state machine of a protocol (aka its grammar) defines the valid sequences of exchanged messages. Netzob allows to learn it semi-automaticaly using specific algorithms.
- Protocol Simulation
- To support the inferring process, a dynamic analysis is perfomed based on simulated actors. These can initiate and take part in a complex communication following the infered protocol.
|Mailing list:||Users, developers and announces lists are available, use the SYMPA web interface to register.|
|IRC:||You can hang-out with us on Freenode’s IRC channel #netzob @ freenode.org.|
|Wiki:||Discuss strategy on Netzob’s wiki|
|Twitter:||Follow Netzob’s official accounts (@Netzob)|
Netzob has been initiated by security auditors of AMOSSYS and the CIDre research team of Supélec to address the reverse engineering of communication protocols. A detailed overview of the project is available here.
- Discover features of Netzob
- The goal of this tutorial is to present the usage of each main component of Netzob (inference of message format, construction of the state machine, generation of traffic and fuzzing) through an undocumented protocol.
- Modeling your Protocol with Netzob
- This tutorial details the main features of Netzob’s protocol modeling aspects. It shows how your protocol fields can be described with Netzob’s language.