Universal Protocol Analysis & Simulation Framework
Project description
๐ฏ UPAS - Universal Protocol Analysis & Simulation
Advanced Protocol Reverse Engineering & Network Service Emulation Platform
๐ Quick Start โข ๐ Documentation โข ๐ฎ Examples โข ๐ ๏ธ Development
๐ฏ What is UPAS?
UPAS (Universal Protocol Analysis & Simulation) is a production-ready framework for protocol reverse engineering, network service emulation, and advanced protocol testing. Originally designed for industrial protocol analysis, UPAS enables security researchers, network engineers, and developers to:
- ๐ Reverse engineer complex network protocols with dynamic pattern matching
- ๐ญ Emulate sophisticated network services with multi-packet response capabilities
- ๐ญ Simulate industrial protocols (Modbus, CAN, custom IoT systems)
- ๐ก๏ธ Test security vulnerabilities in network stacks and devices
- ๐ก Develop protocol analyzers with real-time variable extraction
- ๐ช Create behavior simulations with intelligent state management
โจ Key Features
๐ฏ Advanced Pattern Matching
- Dynamic variable capture: Extract values with
[CAPTURE:VAR:size] - Wildcard operations: Skip content with
[SKIP:n]and[WILDCARD:n] - Binary pattern support: Hex patterns with mixed static/dynamic content
- Real-time analysis: Immediate pattern matching during packet processing
๐ Multi-Packet Response System
- Sequential responses: Ordered packets with ACK validation and retry logic
- Burst responses: Parallel transmission for complex protocols
- Delayed sequences: Custom timing control for realistic simulation
- Response strategies: Single, sequence, burst, and delayed modes
๐ Intelligent State Management
- Behavior-driven transitions: State changes triggered by execution success
- State-only behaviors: Transitions without packets (timeouts, delays)
- Conditional filtering: Behaviors active only in specific protocol phases
- Entry/exit actions: Automatic behavior execution on state changes
๐ Service-Aware Transport
- Automatic routing: TCP/UDP service selection via transport layer
- Multi-service support: UDP unicast/multicast, TCP client/server
- Advanced socket management: Robust connection handling with fallbacks
- Interface control: Multi-homed systems with interface binding
๐ Quick Start
Installation
UPAS is designed for minimal dependencies with optional feature sets:
# ๐ฏ Minimal Installation (Recommended - Zero dependencies)
pip install upas
# ๐ฌ With Analysis Features (PCAP support)
pip install upas[analysis]
# ๐ With IoT Features (MQTT, Serial)
pip install upas[iot]
# ๐ Full Installation (All features)
pip install upas[full]
๐ Installation Modes: See the WIKI for detailed information about each installation mode and their specific use cases.
Basic Usage
# Run protocol with clean output (default)
upas run examples/simple_beacon.json
# Verbose logging with execution details
upas run examples/heartbeat_monitor.json -v
# Full debug logging for development
upas run examples/iot_discovery.json -d
# Quiet mode (errors only)
upas run examples/simple_beacon.json -q
# Run with specific network interface
upas run examples/modbus_simulation.json --interface eth0
Simple Protocol Example
{
"protocol": {
"name": "UDP_Beacon",
"version": "1.0",
"description": "Basic UDP beacon example"
},
"variables": {
"MESSAGE": "Hello UPAS",
"COUNTER": 0
},
"functions": {
"increment": "lambda x: (x + 1) % 0xFF"
},
"transports": {
"ethernet": {
"type": "ethernet",
"services": {
"udp_service": {
"type": "udp_unicast",
"bind": "0.0.0.0:12345"
}
}
}
},
"behaviors": {
"beacon": {
"type": "periodic",
"interval": 2000,
"transport": "ethernet",
"destination": "127.0.0.1:12346",
"payload": ["BEACON", "[MESSAGE]", "[COUNTER:1:increment]"]
}
}
}
๐ Programmatic API
UPAS provides a powerful Python API for integrating protocol simulation into your applications.
Basic Usage
import asyncio
import upas
async def main():
# Run protocol for 30 seconds
manager = await upas.run_protocol('protocol.json', duration=30)
# Check current state
print(f"Current state: {manager.get_current_state()}")
# Get protocol variables
variables = manager.get_variables()
print(f"Variables: {variables}")
asyncio.run(main())
Advanced Protocol Control
import upas
async def advanced_example():
# Create protocol manager
manager = upas.ProtocolManager('protocol.json')
# Register state change callbacks
def on_connected():
print("Protocol connected! Switching to monitoring mode...")
manager.set_variable("MODE", "MONITORING")
manager.on_state_change("CONNECTED", on_connected)
# Start protocol
await manager.start_async(duration=60)
# Dynamic state transition
success = manager.transition_to_state("AUTHENTICATED")
if success:
print("Successfully transitioned to AUTHENTICATED state")
# Stop when done
manager.stop()
Dynamic Protocol Switching
import upas
async def protocol_switching():
# Start with discovery protocol
manager = await upas.run_protocol('discovery.json')
# Register protocol change callback
def on_protocol_change(new_protocol):
print(f"Switched to: {new_protocol['protocol']['name']}")
manager.on_protocol_change("switch", on_protocol_change)
# Wait for discovery completion
await asyncio.sleep(10)
# Switch to operational protocol
await upas.change_protocol(manager, 'operational.json')
# Continue with new protocol
await asyncio.sleep(30)
manager.stop()
Engine-Level Control
import upas
async def engine_control():
# Create and configure engine directly
engine = await upas.create_engine('protocol.json')
# Start engine
await engine.start()
# Monitor execution
while engine.is_running():
stats = engine.get_statistics()
print(f"State: {stats['current_state']}, Behaviors: {stats['behaviors']}")
await asyncio.sleep(1)
# Stop engine
await engine.stop()
API Reference
| Function | Description |
|---|---|
run_protocol() |
High-level protocol execution |
ProtocolManager() |
Advanced protocol control class |
load_protocol() |
Load protocol from file |
create_engine() |
Create engine instance |
transition_to_state() |
Force state transition |
change_protocol() |
Dynamic protocol switching |
๐ฎ Examples
๐ง Protocol Testing & Simulation
# Modbus RTU simulation
upas run examples/modbus_simulation.json -v
# Custom IoT protocol with state machine
upas run examples/iot_discovery.json -d
๐ Network Service Emulation
# IoT device discovery protocol
upas run examples/iot_discovery.json
# Sensor network simulation
upas run examples/sensor_network.json
๐ก Advanced Protocol Analysis
# Multi-phase protocol testing
upas run examples/advanced_protocol_example.json
# Protocol composition chains
upas run protocols/compositions/hybrid_discovery.json
๐ Documentation
๐ Core Documentation
- ๐ SPECIFICATIONS.md - Complete protocol language reference
- ๐ REFERENCES.md - JSON syntax quick reference
- ๐ง WIKI.md - Implementation guide and advanced features
- ๐ฆ Protocol Library - Standard protocol collection
๐ฏ Key Concepts
Pattern Matching Syntax
"payload_pattern": "[PREFIX:8][CAPTURE:SESSION_ID:4][SKIP:8]DATA[SUFFIX:4]"
Multi-Packet Responses
"response": {
"mode": "sequence",
"packets": [
{"id": "ack", "payload": ["ACK[SESSION_ID:4]"], "timeout": 5.0},
{"id": "data", "payload": ["DATA[RESPONSE:*]"], "delay": 0.1}
]
}
State Machine Control
"active_states": ["DISCOVERING", "CONNECTED"],
"transition": "AUTHENTICATED"
๐๏ธ Protocol Development
Quick Start Template
{
"protocol": {
"name": "Your_Protocol",
"version": "1.0",
"description": "Protocol description"
},
"variables": {
"PORT": 8080,
"MESSAGE": "Hello World"
},
"transports": {
"ethernet": {
"type": "ethernet",
"services": {
"udp_service": {
"type": "udp_unicast",
"bind": "0.0.0.0:[PORT]"
}
}
}
},
"behaviors": {
"periodic_beacon": {
"type": "periodic",
"interval": 1000,
"transport": "ethernet",
"destination": "127.0.0.1:8081",
"payload": ["[MESSAGE]"]
}
}
}
Protocol Validation
# Validate single protocol
upas validate examples/simple_beacon.json
# Validate all protocols in directory
upas validate protocols/
# Validate with verbose output
upas validate examples/ -v
๐ ๏ธ Development
Project Structure
upas-cli/
โโโ src/upas/ # Core UPAS framework
โ โโโ core/ # Engine, behaviors, transport
โ โ โโโ behavior/ # Behavior system
โ โ โโโ transport/ # Network transport layer
โ โ โโโ protocol/ # Protocol engine
โ โโโ analysis/ # Protocol analysis tools
โ โโโ cli.py # Command-line interface
โโโ protocols/ # Standard protocol library
โ โโโ behaviors/ # Reusable behavior components
โ โโโ transports/ # Transport configurations
โ โโโ compositions/ # Protocol compositions
โโโ examples/ # Usage examples
โโโ docs/ # Documentation
โโโ tests/ # Test suite
Installation for Development
# Clone repository
git clone https://github.com/BitsDiver/upas-cli.git
cd upas-cli
# Create virtual environment
python -m venv venv
source venv/bin/activate # Linux/Mac
# or
venv\\Scripts\\activate # Windows
# Install in development mode
pip install -e .
pip install -r requirements-dev.txt
# Run tests
python -m pytest tests/ -v
# Run with coverage
python -m pytest --cov=src/upas tests/
Contributing
- Fork the repository
- Create feature branch (
git checkout -b feature/amazing-feature) - Commit changes (
git commit -m 'Add amazing feature') - Push to branch (
git push origin feature/amazing-feature) - Open Pull Request
Testing
# Run unit tests
python -m pytest tests/
# Run integration tests
python -m pytest tests/integration/
# Run specific test module
python -m pytest tests/test_engine.py -v
# Generate coverage report
python -m pytest --cov=src/upas --cov-report=html tests/
๐ฏ Use Cases
๐ก๏ธ Security Research
- IoT penetration testing - Emulate vulnerable devices for security assessment
- Protocol fuzzing - Generate malformed packets for vulnerability discovery
- Network reconnaissance - Service discovery and protocol fingerprinting
๐ญ Industrial Automation
- HMI simulation - Test SCADA interfaces and human-machine interactions
- PLC emulation - Industrial protocol testing and commissioning
- Network validation - Protocol compliance and interoperability testing
๐ฌ Research & Development
- Protocol prototyping - Rapid development of custom network protocols
- Network simulation - Large-scale network behavior modeling
- Educational tools - Network protocol education and training
๐ Support & Community
๐ค Getting Help
- ๐ GitHub Issues: Report bugs & request features
- ๐ Documentation: Complete guides in
docs/directory - ๐ฌ Discussions: Community Q&A and feature discussions
- ๐ง Wiki: Advanced configuration examples
๐ Learning Resources
- ๐ Protocol Specifications - Complete language reference
- ๐ Quick Reference - Essential syntax guide
- ๐ญ Real-World Examples - Production protocol samples
- ๐งช Test Cases - Comprehensive test suite examples
๐ License
This project is licensed under the MIT License - see the LICENSE file for details.
MIT License
Copyright (c) 2025 BitsDiver
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
๐ Acknowledgments
UPAS was developed through extensive real-world testing with industrial protocols and IoT devices. Special thanks to the cybersecurity and industrial automation communities for their feedback and contributions.
๐ฏ UPAS v1.0.13 - Production Ready
โจ Advanced Protocol Analysis & Simulation Platform โจ
๐ Get Started โข ๐ Documentation โข ๐ฎ Examples โข ๐ค Contribute
Developed with โค๏ธ for the network protocol analysis community
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
upas-1.0.13.tar.gz
(137.5 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
upas-1.0.13-py3-none-any.whl
(99.8 kB
view details)
File details
Details for the file upas-1.0.13.tar.gz.
File metadata
- Download URL: upas-1.0.13.tar.gz
- Upload date:
- Size: 137.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.10.18
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
9c2926d359a1e5b4a6b9fa8216dd33601fa4de7ea741a11dcdccace260df2716
|
|
| MD5 |
92a0a68ec53efd5686dfa7e839fdac7f
|
|
| BLAKE2b-256 |
a1e8ce797d0f86b7274d62125a5959ddf35138b183e7ad34db57fb232f3c220b
|
File details
Details for the file upas-1.0.13-py3-none-any.whl.
File metadata
- Download URL: upas-1.0.13-py3-none-any.whl
- Upload date:
- Size: 99.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.10.18
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
2dd3ada8433759f3dd91f53fdb8867a187842eae48dc4337a04ab5e11810369c
|
|
| MD5 |
72aa200daa03e16ab7eee935d5ee637b
|
|
| BLAKE2b-256 |
5a2010bdf754f5f5d124e1447d638a633ac936bb8d314aff199ef4a62e9abb1e
|
