Bluebox-ng 是一个开源的 VoIP/UC 漏洞扫描器，使用 CoffeeScript 和 Node.js 编写。

特点：

• RFC compliant
• TLS and IPv6 support
• SIP over websockets (and WSS) support (draft-ietf-sipcore-sip-websocket-08)
• SHODAN, exploitsearch.net and Google Dorks
• SIP common security tools (scan, extension/password bruteforce, etc.)
• REGISTER, OPTIONS, INVITE, MESSAGE, SUBSCRIBE, PUBLISH, OK, ACK, CANCEL, BYE and Ringing requests support
• Authentication through different types of requests
• SIP denial of service (DoS) testing
• SRV and NAPTR discovery
• Dumb fuzzing
• Common VoIP servers web management panels discovery
• Automatic exploit searching (Exploit DB, PacketStorm, Metasploit)
• Automatic vulnerability searching (CVE, OSVDB, NVD)
• Geolocation
• Colored output
• Command completion
• It runs in GNU/Linux, Mac OS X and Windows

您可能感兴趣的文章: