Bluebox-ng Beta UC/VoIP Released
Bluebox-ng is a next generation UC/VoIP security tool. It has been written in CoffeeScript using Node.js powers. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
Features
- RFC compliant
- TLS and IPv6 support
- SIP over websockets (and WSS) support (draft-ietf-sipcore-sip-websocket-08)
- SHODAN, exploitsearch.net and Google Dorks
- SIP common security tools (scan, extension/password bruteforce, etc.)
- REGISTER, OPTIONS, INVITE, MESSAGE, SUBSCRIBE, PUBLISH, OK, ACK, CANCEL, BYE and Ringing requests support
- Authentication through different types of requests
- SIP denial of service (DoS) testing
- SRV and NAPTR discovery
- Dumb fuzzing
- Common VoIP servers web management panels discovery
- Automatic exploit searching (Exploit DB, PacketStorm, Metasploit)
- Automatic vulnerability searching (CVE, OSVDB, NVD)
- Geolocation
- Colored output
- Command completion
- It runs in GNU/Linux, Mac OS X and Windows
Beta Changelog
- IPv6 support.
- Exploitsearch.net API support.
- DNS module finished.
- Nicer outputs.
- Simpler setup process.
- A network host/port scanner (Evilscan).
- Dirscan-node upgraded to version 0.5.
- Added some numerical lists (with different paddings) to use with brute-force modules.
- Host list files and port ranges support included in SipScan module.
- Solved SipBrutePass module problem with too much asyncronous requests.
- A lot of refinements in the whole code.
More Information: here