Hi guys! Since I started to write Bluebox-ng I've been tracking the different security projects I found written in Node.js. Now we've published the first stable version we think it's the right moment to speak among us (and, of course, everyone interested in it :).
- I think we're rewriting the same stuff in our respective projects again and again. For example, almost any tool supports IPv6 because the functions we need are still not present in the Node core and the libraries I found (IMHO) were not enough.
- There're different projects implementing exactly the same thing, ie: port scanners.
- We're working in a too new environment, so we need to make it together.
- Our 2 cents to make Node still more awesome. Now we have io.js whose main idea is to gain commiters.
To clarify: We've NO interest in keeping the project name or something similar, our only idea is to code in a bigger community.
The whole list of modules we've implemented in Bluebox until now. A lot of them are only a wrapper to somebody's modules, but we can have an idea of what is already implemented. Neither of them use external (no-JavaScript) tools, except the system ones (ie: ping)
amiBrute
Try to brute-force valid credentials for the Asterisk Manager service (AMI)
amiCommand
Use the Asterisk Manager service (AMI) to run a command
amiCommandList
List the Asterisk Manager service (AMI) supported commands
amiCoreSetting
Use the Asterisk Manager service (AMI) to get the core settings of the server
amiCoreShowChannels
Use the Asterisk Manager service (AMI) to get channels of the server
amiCoreStatus
Use the Asterisk Manager service (AMI) to get the actual status of the (core) server
amiGetConfig
Use the Asterisk Manager service (AMI) to change a config file
amiDadhiShowChannels
Use the Asterisk Manager service (AMI) to get channels (DADHI) of the server
amiExtensionState
Use the Asterisk Manager service (AMI) to get actual state of an extension
amiGetConfig
Use the Asterisk Manager service (AMI) to get a config file
amiGetVar
Use the Asterisk Manager service (AMI) to get the value of a setup variable
amiReload
Use the Asterisk Manager service (AMI) to reload the server config
amiSetVar
Use the Asterisk Manager service (AMI) to set the value of a setup variable
amiShowDialPlan
Use the Asterisk Manager service (AMI) to get the dialplan of the server
amiSipPeers
Use the Asterisk Manager service (AMI) to get SIP Peers of the server
amiSipShowRegistry
Use the Asterisk Manager service (AMI) to get SIP Registry of the server
amiStatus
Use the Asterisk Manager service (AMI) to get the actual status of the server
amiVoiceMailUsersList
Use the Asterisk Manager service (AMI) to locate voicemail users
auto
Automated VoIP/UC pentesting.
defaultCredentials
Show common VoIP system default credentials
dnsBrute
DNS brute force
dnsResolve
Resolve common VoIP DNS registers (SRV, NAPTR) for an specific domain
dnsReverse
DNS inverse resolution of an IP address
dumbFuzz
Really stupid app layer fuzzer (underlying support: UDP, TCP, TLS, [secure] websockects)
exploitSearch
Find vulnerabilities and exploit for an specifig service version (using exploitsearch.net API)
ftpBrute
Try to brute-force valid credentials for the FTP protocol
geoLocate
Geolozalization (freegeoip.net)
getExtIp
Get your external IP address
googleDorks
Find potential targets using a Google dork
httpBrute
Try to brute-force valid credentials for the HTTP protocol
httpBruteDir
Try to brute-force valid files/directories in a web server
httpBrute
Try to brute-force valid credentials for a LDAP/Active Directory server
mongoBrute
MongoDB credentials brute-force
mysqlBrute
Try to brute-force valid credentials for a MySQL database
networkScan
Host/port network scanner (Evilscanner, only full TCP for now)
ping
Ping protocol client
pingTcp
Ping client (TCP protocol)
shodanExploits
Find vulnerabilities and exploit for an specifig service version (using SHODAN API)
shodanHost
Look if the target is indexed by SHODAN computer search engine
shodanPopular
Quick access to popular SHODAN related queries
shodanSearch
Find potential targets in SHODAN computer search engine
sipBruteExt100
SIP extension brute-forcer (CVE-2011-2536 / AST-2011-011)
sipBruteExt404
SIP extension brute-forcer (CVE-2009-3727 / AST-2009-008)
sipBrutePass
SIP credentials brute-force
sipBruteSlow
To check if the server is blocking slow brute-force attacks.
sipDos
DoS protection mechanisms stress test (it waits for a response)
sipScan
SIP host/port scanner
sipSqli
To check if the server blocks SIP SQLi attacks
sipTorture
SIP Torture stress test (crafted packets)
sipUnauthCall
To check if a server allows unauthenticated calls
tftpBrute
Try to brute-force valid communities for the SNMP protocol
sshBrute
Try to brute-force valid credentials for the SSH protocol
tftpBrute
Try to brute-force valid credentials for the TFTP protocol
traceroute
Display the route of your packages
version
Version of Bluebox-ng
whois
WHOIS protocol client
wifiScan
Wifi access point scanner