Bluebox-ng Beta UC/VoIP Released

Bluebox-ng is a next generation UC/VoIP security tool. It has been written in CoffeeScript using Node.js powers. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

Features

RFC compliant
TLS and IPv6 support
SIP over websockets (and WSS) support (draft-ietf-sipcore-sip-websocket-08)
SHODAN, exploitsearch.net and Google Dorks
SIP common security tools (scan, extension/password bruteforce, etc.)
REGISTER, OPTIONS, INVITE, MESSAGE, SUBSCRIBE, PUBLISH, OK, ACK, CANCEL, BYE and Ringing requests support
Authentication through different types of requests
SIP denial of service (DoS) testing
SRV and NAPTR discovery
Dumb fuzzing
Common VoIP servers web management panels discovery
Automatic exploit searching (Exploit DB, PacketStorm, Metasploit)
Automatic vulnerability searching (CVE, OSVDB, NVD)
Geolocation
Colored output
Command completion
It runs in GNU/Linux, Mac OS X and Windows

Beta Changelog

IPv6 support.
Exploitsearch.net API support.
DNS module finished.
Nicer outputs.
Simpler setup process.
A network host/port scanner (Evilscan).
Dirscan-node upgraded to version 0.5.
Added some numerical lists (with different paddings) to use with brute-force modules.
Host list files and port ranges support included in SipScan module.
Solved SipBrutePass module problem with too much asyncronous requests.
A lot of refinements in the whole code.