Network Testing Automation
FlowCoder is a WISIWYG programming framework for prototyping, debugging, validation, fuzzing as well as functional, load, and security testing of computer networks. It allows building and decoding packets for a variety of network protocols, sending them on the wire, receiving and analyzing incoming network traffic, matching requests with replies, keeping and changing the state and much more.
FlowCoder includes a visual network programming language, a WYSIWYG IDE and a packet processor. A FlowCoder program is a flowchart built from graphical blocks interconnected with software wires.
Local Execution is the simplest case. All packets sent by FlowCoder originate on a local host. Packets coming back in response are processed there as well.
Only FlowCoder IDE components run locally. A Flowchart, once created, is shipped for execution to a Cloud running multiple instances of Flowchart processor engine. Packets are originated and processed in a Cloud. Local user gets back diagnostics and statistical data.
An executable flowchart of a protocol finite-state machine built from graphical blocks interconnected with software wires. Sends, receives, analyzes packets, matches requests with replies, keeps and changes the state.
Build any packet from scratch. Select the layers and the stacking order. Mandatory elements are added by default. Optional elements are added with a few clicks.
Your Pcap file is your template. Import it into FlowCoder and get an executable Flowchart boilerplate right away. You'll be up and running in a few mins.
The incoming packets are delivered to Flowchart fully pre-parsed. The packet received or any part of it can be saved into a local or global variable for further use.
Change a packet field on the fly by assigning a new value to a field. Encoding is performed automatically before the packet hits the wire.
FlowCoder can play a role of a MITM Proxy. The passing through packets are decoded, modified at any layer and re-encoded on the fly.
One Flowchart works with any combination of stacks/protocols. If a particular protocol runs over UDP and TCP, the same Flowchart will work for both.
FlowCoder Flowchart processor can run locally or in a Linux VM inside the Cloud. The latter allows for unlimited scalability.
Execute Flowchart step-by-step. Set/Clear breakpoints. View Execution Log for detailed debug output, Data Watch Pane for real time changes in variables' values.
FlowCoder supports automatic parallelization. Run multiple independent calls, transactions, flows simultaneously.
One can start an RTP session, call a crypto function and much more via an API call from a Flowchart block.
Flowchart blocks can call external Python scripts. That way a Flowchart can use host OS services.
Suppose you have a Pcap file with a record of a stateful packet exchange between two parties. You want to simulate party A and see how B reacts if you change the way party A behaves slightly or not so slightly. This includes altering logic of the state machine Party A follows, and/or altering the messages it sends. And you want to do it quickly and with zero coding involved.
FlowCoder visualizes and speeds up development of packet driven finite-state machines and requires no coding in many cases. One can start quickly by importing a Pcap file with the packet exchange of interest.
Packet generators are often just Pcap file replayers. The best known example is tcpreplay. The fast ones usually are Intel DPDK based (CISCO T-Rex). Products of this category are either stateless, or support very simple states only (SYN/SYN ACK). Another category of the tools is targeted for testing networking state machines at application stack layers. Those systems are usually configured via a set of static GUI tables, have no or limited programmability and support for a limited set of protocols. Then there is Scapy. It's programmable, but one has to know Python from the get-go, slow (it's Python after all), with a very limited set of L4-L7 protocols supported.
FlowCoder is fully stateful, WYSIWYG programmable at any stack layer, fast (coded in C++), scalable, with a huge and growing library of supported L4-L7 and L2-L3 protocols. It allows on the fly editing of packets at any stack layer and importing of a Pcap file as a starting point of designing a networking state machine. No other networking product has a full stack packet editor as powerful as SafePcap.
New protocols are added all the time. Here is the partical list:
IP, Ethernet II, IEEE 802.1Q, IPv4, IPv6, UDP, TCP, SCTP, GRE, TLS, TPKT, VXLAN, NetBIOS, SMB, HTTP, HTTP2, FTP, IMAP, POP3, DNS, NTP, OpenFlow, MODBUS, FIXT, ICMPv4, ICMPv6, IGMP Ver 1, IGMP Ver 2, IGMP Ver 3, TELNET, SSH, DHCP, DHCPv6, ARP, RARP, LLDP, XMPP, LDAP, SNMPv1, SNMPv2c, SNMPv2u, SNMPv3, RSVP, BGP, OSPF, CAPWAP, DTLS, SoupBinTCP, NASDAQ OUCH 4.2, CPE-WAN over SOAP, HNCP, Radiotap, IEEE 802.11, L2TPv2, L2TPv3, 802.3/LLC, Cisco AN, Cisco AN, ESP, ISAKMP, CESoPSN, PPPoE, PPPoE, PPP, PPP LCP, PPP IPCP, PPP PAP, SIP, RTP, RTCP, RFC 2833, CISCO Skinny, MSRP, DIAMETER, H.248.1 v1 Text, H.248.1 v1 BER, H.248.1 v2 Text, H.248.1 v2 BER, H.248.1 v3 Text, H.248.1 v3 BER, Q.931/H.225, MGCP, H.323, H.245, RADIUS, SDP, IMS XML App part, T.38, SCSI, iSCSI, SCSI, MODBUS, Bluetooth, HCI, L2CAP, DNP3, MPEG2 TS, DOCSIS, MTP3b ITU, MTP3 ITU, MTP T&M ITU, BICC ITU, ISUP ITU, SCCP ITU, SCMG ITU, TCAP/INAP-CS1, TCAP/INAP-CS2, TCAP/INCS1-PLUS-C, TUP ITU, TCAP/INAP-CS2-ETSI, TCAP/SINAP6i, TCAP/SINAP7M, MTP2 ANSI, MTP3b ANSI, MTP3 ANSI, MTP T&M ANSI, ISUP ANSI, SCCP ANSI, SCMG ANSI, ISUP China, TUP China, ISDN, QSIG, DPNSS, IUA, M2UA, M3UA, SUA, M2PA, DUA, IUP UK, ISUP UK, ISUP Rus, ISUP Israel, ISUP France, T-ISUP, TCAP/T-INAP, GSM Abis L3, GSM Abis O&M, GSM TRAU 16k, GSM TRAU 8k, GSM TFO, GSM BSSAP, GSM DTAP, GSM BSSMAP, SGsAP, GSM BSSAP-LE, GSM DTAP-LE, GSM BSSMAP-LE, GSM Radio L3, GSM Radio SS, GSM Radio GMM/SM, GSM Radio LCS, GSM RRLP, GSM Radio SM-CP, GSM SM-RP, BSSAP PLUS, GSM LLP, GSM BSSLAP, TCAP/MAP Ph1, TCAP/MAP Ph2, TCAP/MAP R96, TCAP/MAP R97, TCAP/MAP R98, TCAP/MAP R4, TCAP/MAP R7, TCAP/MAP R9, TCAP/CAP1, TCAP/CAP2, TCAP/CAP3, TCAP/CAP4, GSM SM-TP, SMPP, UCP, CIMD, GPRS, GSM Gb NS, GSM BSSGP, GSM Gb LLC, TOM, SNDCP, GTPv1, GTPv0, GTP PRIME, GTPv2-C, RANAP, NBAP, LTE S1AP, LTE NAS, LTE EMM, LTE ESM, LTE X2AP, IuUP, IS-41, TCAP/IS-41-D, TCAP/IS-41-E, CDMA PDS IS-801, CDMA PDS IS-801, CDMA SMS IS-637, SMS EIA-136-710, SMS EIA-136-710, CDMA, CDMA A11, CDMA A1 BSAP, CDMA A1 BSMAP, CDMA A1 DTAP, CDMA A9.
No. We execute them directly. No scripting language is required.
Any layer from IP up, including binary encoded application layers.
Yes. You have full read/write access to *all* packet fields at *all* stack layers before pushing packets out to a wire, and when packets are received.
Yes. An individual field, a whole PDU (networking stack layer data), or the whole packet. And you don't need to write any code to do that.
Yes. This is how the load is scaled.
Yes and yes. You can do packet fuzzing on the fly.