You can manipulate simpler types of network traffic using the GUI tools and undertake more complex tasks using a PERL-like API, though once you head down that road, you've lost most of the speed and elegance of test creation that make Protocol Modeler attractive.
You Go Test
When we first fired up Protocol Modeler in our Chicago Neohapsis partner labs, we used the product's wizards to walk us through common security-testing activities. One wizard crawls a Web site looking for SQL-disclosure vulnerabilities, cross-site scripting bugs and opportunities for successful command-injection attacks. Unfortunately, even on the small test Web site we pointed this script at--a beta version of our corporate intranet server--Protocol Modeler crashed. Cenzic blamed the crash on bugs that had infiltrated the latest released version of the code (more on this later). A smaller site with less user interaction proved a more digestible target.
Another wizard tests firewalls. Basically, it turns Protocol Modeler into a glorified port scanner--a rather uninteresting use for such a flexible tool.