* Style changed.
* Test engine added.
* bin; Keeping the client “alive” forever.
* index.js; Added a lost dependency and a minor renaming.
* package.json; Lost dependency added.
* New style guide and other refactors (mostly good practices).
Bluebox-ng is a GPL VoIP/UC vulnerability scanner written using Node.js powers.
* Auto VoIP/UC penetration test
* Report generation
* RFC compliant
* SIP TLS and IPv6 support
* SIP over websockets (and WSS) support (RFC 7118)
* SHODAN, exploitsearch.net and Google Dorks
* SIP common security tools (scan, extension/password bruteforce, etc.)
* Authentication and extension brute-forcing through different types of SIP requests
* SIP Torture (RFC 4475) partial support
* SIP SQLi check
* SIP denial of service (DoS) testing
* Web management panels discovery
* DNS brute-force, zone transfer, etc.
* Other common protocols brute-force: Asterisk AMI, MySQL, MongoDB, SSH, (S)FTP, HTTP(S), TFTP, LDAP, SNMP
* Some common network tools: whois, ping (also TCP), traceroute, etc.
* Asterisk AMI post-explotation
* Dumb fuzzing
* Automatic exploit searching (Exploit DB, PacketStorm, Metasploit)
* Automatic vulnerability searching (CVE, OSVDB, NVD)
* VirusTotal IP, URL and domain
* Colored output
* Command completion
* Cross-platform support
npm update -g bluebox-ng
+ Node.js: http://nodejs.org/.
— A comfortable way to keep your Node version updated is to use the official binary distributions: https://github.com/nodesource/distributions
— These scripts don’t work in Kali GNU/Linux (https://github.com/nodesource/distributions/issues/28#issuecomment-60062280), so we’ve implemented one which also installs Bluebox-ng. Yoy can use it using the next command: curl -sL https://raw.githubusercontent.com/jesusprubio/bluebox-ng/master/artifacts/installScripts/kali.sh | sudo bash –
+ Nmap (only for “nmapScan” module): http://nmap.org/
npm i -g bluebox-ng
NOTE: It takes a while because we’re using a lot of official modules (Mongo, LDAP, etc.) which need to compile some stuff.
Console client: bluebox-ng
As a library:
Download from git:
git clone https://github.com/jesusprubio/bluebox-ng && cd bluebox-ng
git pull origin master
then run againt