/Protocol-Analyzer

Fuzz testing framework for network protocols.

Primary LanguageC++MIT LicenseMIT

Protocol Analyzer (NetProtoFuzz)

Protocol-oriented fuzz testing framework for network protocols.

license Coverity Scan Build Status Codacy Badge SonarQube Security Badge SonarQube Vulnerabilities Badge SonarQube Bags Badge Lgtm alerts Lgtm language grade: C/C++ CodeFactor

Framework and Scanner under the deep development. Version 0.0.12.


The main purposes of the framework

  • Verification of the operation of proprietary network protocols in accordance with the declared description;

  • Detection of undeclared capabilities and undefined behavior in the implementation of proprietary network protocols;

  • Audit of security and search for changes from the last scan period.


Current goals

  • Development the basis of network interaction for the needs of the framework;

    • Epoll Socket State Pool Interface for all Sockets under the observation;
    • Managed Socket Pool for unique Interface to take and control sockets;
    • UDP Socket Interface;
    • RAW Socket Interface;
    • ✓ Netlink Socket Interface for interact with Linux Kernel;
    • Create two error interfaces: POSIX-oriented, C++ exceptions.
  • Development an interface for describing the structure of Network Protocol;

    • Implement libJSON as submodule of framework for parsing input configs.
  • Development an interface for create Tasks and manage them;

  • Development an interface for store Global information and Settings in runtime;

  • ✓ Development main data class for working with binary data and build all infrastructure around it;

  • Create a low-level and high-level API for analyzer library;

  • ✓ Development Callback infrastructure through the framework.


Requirements for building the project

  • OpenSSL >= 1.0.2h (libssl-dev) or 1.1.1 for using TLSv1.3;

  • CMake >= 3.8.0 (for C++17 standard support);

  • Compiler, supported full C++17 standard ('clang-6.0.0', 'gcc-7.0', icc-19.0 or higher).


Build

  1. Go to 'build.sh' script.
  2. Uncomment (define) the necessary parameters 'CXX' and 'BUILD_TYPE'.
  3. Run the build script: 'chmod +x build.sh && ./build.sh'.