Signsrch is a tool that searches for signatures inside raw files and executables. It can recognize a large number of compression, multimedia, and encryption algorithms and many other things like known strings and portions of anti-debugging code. Definitions can be manually added, since they are based on an ease-to-modify text signature file that is read at runtime. It also supports the scanning of processes, conversion of executable memory offsets, 8, 16, 32 and 64 bits, float and double, plus automatic CRC table creation and C style strings.
6jack is a framework for testing, analyzing, and fuzzing network applications. 6jack runs a command, intercepts calls to common network-related system calls, and passes them through an external filter. A filter can be written in any language supporting the MessagePack serialization library. 6jack is especially useful for writing tests for clients and servers, debugging and reverse engineering protocols, sketching filtering proxies, and fuzzing.
Netzob supports the expert in reverse engineering, evaluation, and simulation of communication protocols. Its main goals are to help security evaluators to assess the robustness of proprietary or unknown protocol implementations, simulate realistic communications to test third-party products (IDS, firewalls, etc.), and create an Open Source implementation of a proprietary or unknown protocol. Netzob provides a semi-automatic inferring process, and includes everything necessary to passively learn the vocabulary of a protocol and actively infer its grammar. The learnt protocol can afterward be simulated. Netzob handles text protocols (like HTTP and IRC), fixed field protocols (like IP and TCP), and variable field protocols (like ASN.1-based formats).