Netzob v1.0 - Inferring Communications Protocols.

Netzob v1.0 – Inferring Communications Protocols.

Netzob is an open source tool for reverse engineering, traffic generation and fuzzing of communication protocols. It can be used to infer the message format and the state machine of a protocol through passive and active processes. The model can afterward be used to simulate realistic and controllable trafic.

The main features of Netzob are:
* Protocol Vocabulary Modeling and Inference
+-+ Netzob includes a complete model to represents the message format of a protocol (aka its vocabulary). Using specific algorithms, it allows to learn it from provided traces.
* Protocol Grammar Modeling and Inference
+-+ The state machine of a protocol (aka its grammar) defines the valid sequences of exchanged messages. Netzob allows to learn it semi-automaticaly using specific algorithms.
* Protocol Simulation
+-+ To support the inferring process, a dynamic analysis is perfomed based on simulated actors. These can initiate and take part in a complex communication following the infered protocol.

Netzob 1.0 – Stomping FrilledShark

This file depends on setuptools which like few other modules cannot be automatically installed. The reason why, you have to manually install the following bunch of prerequisites before initiating Netzob’s install process.
+ python3
+ python3-dev
+ python3-setuptools
+ build-essential

Changelog netzob v1.0 2017-02-03 StompingFrilledShark:
+ major improvment
++ “FlowParser” to parse a succession of message made of different symbols
++ large test campaign created to ensure netzob’s quality
++ migration to python3
++ add SSL client and server channels
++ improve package hierarchy
+ minor improvment
++ enable travis supervision
++ measure test coverage
++ Entropy measurement methods
++ support for timestamps detection
++ improve size field detection algorithm
++ enable RAWIP channels
++ network pcap importer supports ICMP message
+ major bug fix
++ various bug fixes
++ multiple bug fixes in C alignment methods
+ minor bug fix
++ fix Symbol comparison methods
++ fix logging verbosity
++ remove useless codes and resources

Usage and install from source:

Download: netzob-1.0.zip  | netzob-1.0.tar.gz
Source: https://github.com/netzob