bluebox-ng

bluebox-ng v1.0.2 – VoIP pentesting framework written using Node powers.

Changelog v1.0.2:
* Style changed.
* Test engine added.
* bin; Keeping the client “alive” forever.
* index.js; Added a lost dependency and a minor renaming.
* package.json; Lost dependency added.
* New style guide and other refactors (mostly good practices).

bluebox-ng

bluebox-ng

Bluebox-ng is a GPL VoIP/UC vulnerability scanner written using Node.js powers.

::Features::
* Auto VoIP/UC penetration test
* Report generation
* Performance
* RFC compliant
* SIP TLS and IPv6 support
* SIP over websockets (and WSS) support (RFC 7118)
* SHODAN, exploitsearch.net and Google Dorks
* SIP common security tools (scan, extension/password bruteforce, etc.)
* Authentication and extension brute-forcing through different types of SIP requests
* SIP Torture (RFC 4475) partial support
* SIP SQLi check
* SIP denial of service (DoS) testing
* Web management panels discovery
* DNS brute-force, zone transfer, etc.
* Other common protocols brute-force: Asterisk AMI, MySQL, MongoDB, SSH, (S)FTP, HTTP(S), TFTP, LDAP, SNMP
* Some common network tools: whois, ping (also TCP), traceroute, etc.
* Asterisk AMI post-explotation
* Dumb fuzzing
* Automatic exploit searching (Exploit DB, PacketStorm, Metasploit)
* Automatic vulnerability searching (CVE, OSVDB, NVD)
* VirusTotal IP, URL and domain
* Geolocation
* Colored output
* Command completion
* Cross-platform support

Upgrade : 

 Install :

+ Node.js: http://nodejs.org/.
— A comfortable way to keep your Node version updated is to use the official binary distributions: https://github.com/nodesource/distributions
— These scripts don’t work in Kali GNU/Linux (https://github.com/nodesource/distributions/issues/28#issuecomment-60062280), so we’ve implemented one which also installs Bluebox-ng. Yoy can use it using the next command: curl -sL https://raw.githubusercontent.com/jesusprubio/bluebox-ng/master/artifacts/installScripts/kali.sh | sudo bash –
+ Nmap (only for “nmapScan” module): http://nmap.org/

 NOTE: It takes a while because we’re using a lot of official modules (Mongo, LDAP, etc.) which need to compile some stuff.

Use
Console client: bluebox-ng
As a library:use bluebox-ng

Download from git:

Download older stable version: Bluebox-ng-0.1.8.zip (1.12 MB) or Tarball Bluebox-ng-0.1.8.tar,gz(1.19 MB)
Sources : bluebox-ng | our Post Before