Netzob simplifies the work for security auditors by
providing a complete framework for the reverse engineering of
communication protocols. It handles different types of protocols : text
protocols (like HTTP and IRC), fixed fields protocols (like IP and TCP)
and variable fields protocols (like ASN.1 based formats). Netzob is
therefore suitable for reversing network protocols, stuctured files and
system and process flows (IPC and communication with drivers). Netzob is
provided with modules dedicated to capture data in multiple contexts
(network, file, process and kernel data acquisition).
Demo
Screenshots
The Netzob interface :
Blue columns represent the dynamic/variable fields. Black columns represent the static fields.
When
analysing DNS traffic (and with no previous knowledge of the
protocols), Netzob discovers the IP.total_length field, the UDP.length
field and their associated payloads :
No comments:
Post a Comment
Thank You , For Immediate Assistance Plz Put Email Copy to Deviceporting@gmail.com