[Bluebox-ng] UC/VoIP Security Tool

Bluebox-ng is a next generation UC/VoIP security tool. It has been written in CoffeeScript using Node.js powers. This project is "our 2 cents" to help to improve information security practices in VoIP/UC environments.



Install

GNU/Linux and Mac OS X
Windows

Features

  • RFC compliant
  • TLS and IPv6 support
  • SIP over websockets (and WSS) support (draft-ietf-sipcore-sip-websocket-08)
  • SHODAN, exploitsearch.net and Google Dorks
  • SIP common security tools (scan, extension/password bruteforce, etc.)
  • REGISTER, OPTIONS, INVITE, MESSAGE, SUBSCRIBE, PUBLISH, OK, ACK, CANCEL, BYE and Ringing requests support
  • Authentication through different types of requests
  • SIP denial of service (DoS) testing
  • SRV and NAPTR discovery
  • Dumb fuzzing
  • Common VoIP servers web management panels discovery
  • Automatic exploit searching (Exploit DB, PacketStorm, Metasploit)
  • Automatic vulnerability searching (CVE, OSVDB, NVD)
  • Geolocation
  • Colored output
  • Command completion
  • It runs in GNU/Linux, Mac OS X and Windows