Data

Tools

Indexes

Applications

Experiments

Open Source Science

netzob

Netzob: Protocol Reverse Engineering, Modeling and Fuzzing

https://github.com/netzob/netzob

Science Score: 23.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
  • DOI references
  • Academic publication links
  • Committers with academic emails
    6 of 50 committers (12.0%) from academic institutions
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (12.2%) to scientific vocabulary

Keywords

automata fuzzing network protocols python reverse-engineering traffic-generation zoby

Keywords from Contributors

autograding interactive serializer packaging tensors network-simulation shellcodes hacking observability embedded
Last synced: 6 months ago · JSON representation

Repository

Netzob: Protocol Reverse Engineering, Modeling and Fuzzing

Basic Info
  • Host: GitHub
  • Owner: netzob
  • License: gpl-3.0
  • Language: Python
  • Default Branch: master
  • Homepage:
  • Size: 25.9 MB
Statistics
  • Stars: 803
  • Watchers: 45
  • Forks: 168
  • Open Issues: 40
  • Releases: 4
Topics
automata fuzzing network protocols python reverse-engineering traffic-generation zoby
Created over 13 years ago · Last pushed almost 2 years ago
Metadata Files
Readme License Authors

README.rst 

===========================================================
Netzob : Protocol Reverse Engineering, Modeling and Fuzzing
===========================================================

.. image:: https://img.shields.io/badge/Python-3-brightgreen.svg
    :target: https://github.com/netzob/netzob
    :alt: Python3

See complete documentation here: https://netzob.github.io/netzob/

About Netzob
============

**Netzob** is an open source tool for reverse engineering,
modelization, traffic generation and fuzzing of communication
protocols.

Netzob is suitable for reversing network protocols, structured files
and system and process flows (IPC and communication with drivers and
devices). Netzob handles different types of protocols: text protocols
(like HTTP and IRC), delimiter-based protocols, fixed fields protocols
(like IP and TCP) and variable-length fields protocols (like TLV-based
protocols).

Netzob can be used to infer the message format and the state machine
of a protocol through passive and active processes. Its objective is
to bring state of art academic researches to the operational field, by
leveraging bio-informatic and grammatical inferring algorithms in a
semi-automatic manner.

Once modeled or inferred, a protocol model can be used in our traffic
generation engine, to allow simulation of realistic and controllable
communication endpoints and flows.

Main features of Netzob
=======================

The main features of Netzob are:

**Protocol Modelization**
   Netzob includes a complete model to represent the message format (aka its vocabulary)
   and the state machine of a protocol (aka its grammar).
**Protocol Inference**
   The vocabulary and grammar inference
   component provides both passive and
   active reverse engineering of communication flows through automated
   and manuals mechanisms.
**Traffic Generation**
   Given vocabulary and grammar models previously
   inferred or modelized, Netzob can understand and generate communication traffic
   with remote peers. It can thus act as either a client, a server or
   both.
**Protocol Fuzzing**
   Netzob helps security evaluators by simplifying the creation of
   fuzzers for proprietary or undocumented protocols. Netzob considers the format message and state machine of the
   protocol to generate optimized and specific test cases. Both mutation and generation are available for fuzzing.
**Import Communication Traces**
   Data import is available in two ways: either by
   leveraging the channel-specific captors (currently network and IPC --
   Inter-Process Communication), or by using specific importers (such as
   PCAP files, structured files and OSpy files).
**Export Protocol Models**
   This module permits to export an model of
   a protocol in formats that are understandable by third party software
   or by a human. Current work focuses on export format compatible with
   main traffic dissectors (Wireshark and Scapy) and fuzzers (Peach and
   Sulley).

Netzob must be used as a Python 3 library. It can either be imported in your scripts
or in your favorite interactive shell (ipython?).

More Information
================

:Website: https://github.com/netzob/netzob
:Twitter: Follow Netzob's official accounts (@Netzob)

Netzob has been initiated by security auditors of AMOSSYS and the
CIDre research team of CentraleSupélec to address the reverse engineering and
fuzzing of communication protocols.

Documentation
=============

The documentation is available online at: https://netzob.github.io/netzob/

If you want to build the documentation, run the following command::

  $ sphinx-build -b html doc/documentation/source/ doc/documentation/build/

Get Started with Netzob
=======================

Install it
----------

Installing Netzob system dependencies
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

First thing to do is to check the version of your python3 interpretor.
Netzob requires at least Python 3.8::

  $ python3 --version
  Python 3.8.10

You have to install the following system dependencies::

  $ apt-get install -y python3 python3-dev python3-setuptools virtualenv build-essential libpcap-dev libgraph-easy-perl libffi-dev

Then, create a virtualenv::

  $ mkdir venv
  $ virtualenv venv
  $ source venv/bin/activate

Installing Netzob from PyPI
^^^^^^^^^^^^^^^^^^^^^^^^^^^

You can install Netzob from PyPI (recommended choice)::

  (venv) $ pip3 install netzob

Installing Netzob from sources
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

If you have retrieved Netzob sources, the installation procedure is::

  (venv) $ pip3 install Cython==0.29.32  # Should be manually installed because of setup.py direct dependency
  (venv) $ pip3 install -e .
  
API usage
---------

Once installed, we recommend to use the Netzob API inside scripts, with the following statement to import Netzob::

  from netzob.all import *

Start Netzob CLI
----------------

Netzob also provides its own CLI, in order to play interactively with it::

  (venv) $ netzob

Contributing
============

There are multiple ways to help-us.

Defects and Features  Requests
------------------------------

Help-us by reporting bugs and requesting features using the `Bug Tracker `_.

Join the Development Team
-------------------------

To participate in the development, you need to get the latest version,
modify it and submit your changes.

You're interested in joining, please contact us!

Authors, Contributors and Sponsors
==================================

See the top distribution file ``AUTHORS.txt`` for the detailed and updated list
of authors, contributors and sponsors.

Licenses
========

This software is provided under the GPLv3 License. See the ``COPYING.txt`` file
in the top distribution directory for the full license text.

The documentation is under the CC-BY-SA licence.


Extra
=====

.. figure:: https://raw.githubusercontent.com/netzob/netzob/next/netzob/doc/documentation/source/zoby.png
   :width: 200 px
   :alt: Zoby, the official mascot of Netzob
   :align: center

   Zoby, the official mascot of Netzob.

Owner

  • Name: Netzob
  • Login: netzob
  • Kind: organization
  • Email: contact@netzob.org

Reverse Engineering Communication Protocols

GitHub Events

Total
  • Issues event: 1
  • Watch event: 40
  • Fork event: 3
Last Year
  • Issues event: 1
  • Watch event: 40
  • Fork event: 3

Committers

Last synced: over 2 years ago

All Time
  • Total Commits: 5,039
  • Total Committers: 50
  • Avg Commits per committer: 100.78
  • Development Distribution Score (DDS): 0.655
Past Year
  • Commits: 60
  • Committers: 4
  • Avg Commits per committer: 15.0
  • Development Distribution Score (DDS): 0.117
Top Committers
Name Email Commits
Georges Bossert g****t@s****r 1,740
Frédéric Guihéry f****y@a****r 1,506
Olivier Tétard o****d@m****r 284
Alexandre PIGNÉ a****e@a****r 253
benzob b****r@a****r 237
Georges Bossert g****t@m****r 226
Remy Delion r****n@a****r 190
Olivier Tétard o****d@a****r 166
Fabien ANDRÉ f****e@i****r 49
Amossys-team a****5@a****r 42
Franck Roland f****d@g****m 33
Maxime Olivier m****e@m****r 32
Stephan Kleber s****r@u****e 31
Pascal Melin p****n@a****r 31
Alexandre PIGNÉ a****x@f****t 28
Frédéric Guihéry f****y@g****m 27
Akoibon q****r@e****r 25
Goulven Guiheux g****x@a****r 17
johannes j****k@u****e 15
benjamin b****n@P****r 14
Frédéric Guihéry s****s@c****m 13
aurelien a****e@a****r 8
Fabien ANDRÉ f****e@x****o 8
Loïck Bonniot l****t@a****r 6
dependabot[bot] 4****] 6
liangdzou l****u@g****m 5
Timo Juhani Lindfors t****s@i****i 4
sergej.schmidt s****t@u****e 3
Tammo Krueger t****r@t****e 3
Maxime Olivier m****r@a****r 3
and 20 more...
Committer Domains (Top 20 + Academic)
amossys.fr: 13 uni-ulm.de: 4 miskin.fr: 3 supelec.fr: 1 insa-rennes.fr: 1 freesenses.net: 1 etudiant.univ-rennes1.fr: 1 pc-46.amossys.fr: 1 cat-lan.com: 1 xion345.info: 1 iki.fi: 1 tu-berlin.de: 1 inthreat.com: 1 simon-woerner.de: 1 ssi.gouv.fr: 1 163.com: 1 posteo.net: 1 gmx.net: 1 ericasselin.com: 1 lootr.net: 1

Issues and Pull Requests

Last synced: 6 months ago

All Time
  • Total issues: 49
  • Total pull requests: 57
  • Average time to close issues: over 3 years
  • Average time to close pull requests: about 1 month
  • Total issue authors: 32
  • Total pull request authors: 18
  • Average comments per issue: 1.24
  • Average comments per pull request: 1.19
  • Merged pull requests: 47
  • Bot issues: 0
  • Bot pull requests: 6
Past Year
  • Issues: 2
  • Pull requests: 0
  • Average time to close issues: N/A
  • Average time to close pull requests: N/A
  • Issue authors: 2
  • Pull request authors: 0
  • Average comments per issue: 0.0
  • Average comments per pull request: 0
  • Merged pull requests: 0
  • Bot issues: 0
  • Bot pull requests: 0
View more stats
Top Authors
Issue Authors
  • skleber (11)
  • ProLoDs (5)
  • Sygus (4)
  • HilaZiv (1)
  • IMhappyZzz (1)
  • Harry189809 (1)
  • leviathan2701 (1)
  • pictyeye (1)
  • mpaxson (1)
  • gbossert (1)
  • liangdzou (1)
  • shumtravi (1)
  • abravalheri (1)
  • Du-Mu (1)
  • sne4ky (1)
Pull Request Authors
  • gbossert (12)
  • Sygus (10)
  • skleber (8)
  • dependabot[bot] (6)
  • 2cute2die (4)
  • warsang (3)
  • Amossys-team (2)
  • morenocarullo (2)
  • sumitacharya (2)
  • ShellCode33 (1)
  • SWW13 (1)
  • r4bit999 (1)
  • jonahharris (1)
  • lootr (1)
  • techge (1)
Top Labels
Issue Labels
bug (2) enhancement (1)
Pull Request Labels
enhancement (7) bug (7) dependencies (6) python (3) documentation (1) fix (1)

Packages

  • Total packages: 1
  • Total downloads:
    • pypi 93 last-month
  • Total dependent packages: 0
  • Total dependent repositories: 3
  • Total versions: 7
  • Total maintainers: 2
pypi.org: netzob

Protocol Reverse Engineering, Modeling and Fuzzing

  • Versions: 7
  • Dependent Packages: 0
  • Dependent Repositories: 3
  • Downloads: 93 Last month
Rankings
Stargazers count: 2.3%
Forks count: 3.9%
Average: 8.8%
Dependent repos count: 9.0%
Dependent packages count: 10.0%
Downloads: 18.9%
Maintainers (2)
fguihery otetard
Last synced: 6 months ago

Dependencies

.github/workflows/github-actions.yml actions
  • actions/checkout v3 composite
  • actions/setup-python v4 composite
  • peaceiris/actions-gh-pages v3 composite
resources/dockerbuild/Dockerfile docker
  • debian latest build
requirements.txt pypi
  • Babel ==2.11.0
  • Cython ==0.29.32
  • Flask ==2.2.2
  • Jinja2 ==3.1.2
  • MarkupSafe ==2.1.1
  • PyYAML ==6.0
  • Pygments ==2.13.0
  • Sphinx ==4.5.0
  • Werkzeug ==2.2.2
  • alabaster ==0.7.12
  • beautifulsoup4 ==4.11.1
  • bintrees ==2.2.0
  • bitarray ==0.8.1
  • certifi ==2022.12.7
  • cffi ==1.15.1
  • chardet ==5.1.0
  • charset-normalizer ==2.1.1
  • click ==8.1.3
  • colorama ==0.4.6
  • cryptography ==38.0.4
  • dnspython ==2.2.1
  • docutils ==0.17.1
  • future ==0.18.2
  • getmac ==0.8.3
  • idna ==3.4
  • imagesize ==1.4.1
  • impacket ==0.10.0
  • importlib-metadata ==5.2.0
  • itsdangerous ==2.1.2
  • ldap3 ==2.9.1
  • ldapdomaindump ==0.9.4
  • minepy ==1.2.6
  • netaddr ==0.8.0
  • numpy ==1.24.1
  • packaging ==22.0
  • pcapy-ng ==1.0.9
  • pyOpenSSL ==22.1.0
  • pyasn1 ==0.4.8
  • pycparser ==2.21
  • pycryptodomex ==3.16.0
  • pydata-sphinx-theme ==0.8.1
  • pylstar ==0.1.2
  • pythoncrc ==1.21
  • pytz ==2022.7
  • requests ==2.28.1
  • six ==1.16.0
  • snowballstemmer ==2.2.0
  • soupsieve ==2.3.2.post1
  • sphinx-book-theme ==0.3.3
  • sphinxcontrib-applehelp ==1.0.2
  • sphinxcontrib-devhelp ==1.0.2
  • sphinxcontrib-htmlhelp ==2.0.0
  • sphinxcontrib-jsmath ==1.0.1
  • sphinxcontrib-qthelp ==1.0.3
  • sphinxcontrib-serializinghtml ==1.1.5
  • urllib3 ==1.26.13
  • zipp ==3.11.0
pyproject.toml pypi
setup.py pypi