Netzob supports the expert in reverse engineering, evaluation, and simulation of communication protocols. Its main goals are to help security evaluators to assess the robustness of proprietary or unknown protocol implementations, simulate realistic communications to test third-party products (IDS, firewalls, etc.), and create an Open Source implementation of a proprietary or unknown protocol. Netzob provides a semi-automatic inferring process, and includes everything necessary to passively learn the vocabulary of a protocol and actively infer its grammar. The learnt protocol can afterward be simulated. Netzob handles text protocols (like HTTP and IRC), fixed field protocols (like IP and TCP), and variable field protocols (like ASN.1-based formats).
|Tags||reverse engineering protocol Security inference fuzzing Blackbox pentest Audit Network|
|Operating Systems||Linux (32 and 64 bit) Windows|
Release Notes: While the previous release introduced a large amount of changes, this one focuses on stability, UI, and model export towards Wireshark and Peach Fuzzer. Thanks to the new plugin mechanism, that was introduced in the previous release, some great features such as Wireshark and Peach exporters are now available as plugins, allowing you to dissect and fuzz proprietary protocols with well-known tools. It also added some new dialogs for configuring the workspace and projects, and to manage imported traces.
Release Notes: This release supports GTK+3 and greatly enhances the GUI. It provides new functions for vocabulary inference and allows better modelization of protocols. Plugins are now supported (especially for Importers, Capturers, and Exporters). Other changes include vocabulary inference, support for layers, customized transformation functions, IPv4, MAC, and random binary variables, and filters for displayed messages, exportation of a selection of fields as a new symbol, an importer for OSpy projects, and user-specified import layers (2, 3, or 4).
Release Notes: This release, codenamed "Flying Razorback", greatly enhances partitioning performance and offers many useful features, including a new visualization layer, a new search engine, more data manipulation functions, and import/export of projects and traces. In addition to Debian and Gentoo packages, a Windows installer is now available.
Release Notes: This release includes some major changes since the first and latest stable release (0.3.1). It offers better stability and quality while providing multiple major enhancements. Starting from this release, a Gentoo ebuild is available.