Neurologically Paralyzing Mouseovers

    This package has been deprecated

    Author message:

    UNMANTAINED project, no time :(

    bluebox-ng

    1.1.0 • Public • Published

    Bluebox-ng

    Black Hat Arsenal Continuos integration NSP Status

    npm info

    Pentesting framework using Node.js powers. Specially focused in VoIP/UC.

    Features

    • Auto VoIP/UC penetration test
    • Report generation
    • Performance
    • RFC compliant
    • SIP TLS and IPv6 support
    • SIP over websockets (and WSS) support (RFC 7118)
    • SHODAN, exploitsearch.net and Google Dorks
    • SIP common security tools (scan, extension/password bruteforce, etc.)
    • Authentication and extension brute-forcing through different types of SIP requests
    • SIP Torture (RFC 4475) partial support
    • SIP SQLi check
    • SIP denial of service (DoS) testing
    • Web management panels discovery
    • DNS brute-force, zone transfer, etc.
    • Other common protocols brute-force: Asterisk AMI, MySQL, MongoDB, SSH, (S)FTP, HTTP(S), TFTP, LDAP, SNMP
    • Some common network tools: whois, ping (also TCP), traceroute, etc.
    • Asterisk AMI post-explotation
    • Dumb fuzzing
    • Automatic exploit searching (Exploit DB, PacketStorm, Metasploit)
    • Automatic vulnerability searching (CVE, OSVDB, NVD)
    • Geolocation
    • Command completion
    • Cross-platform support

    Install

    • Install the last Node.js stable version.

    • https://nodejs.org/download

    • A better alternative for developers is to use nvm, to test different versions.

    • Get a copy of the code and install Node dependencies.

    npm i -g bluebox-ng

    Kali GNU/Linux

    • curl -sL https://raw.githubusercontent.com/jesusprubio/bluebox-ng/master/artifacts/installScripts/kali2.sh | sudo bash -

    Use

    • Console client: bluebox-ng
    • As a library:
    const Bluebox = require('bluebox-ng');
     
    const bluebox = new Bluebox({});
    const moduleOptions = { target: '8.8.8.8' };
     
     
    console.log('Modules info:');
    console.log(JSON.stringify(bluebox.help(), null, 2));
     
    bluebox.runModule('geolocation', moduleOptions, (err, result) => {
      if (err) {
        console.log('Error:');
        console.log(err);
      } else {
        console.log('Result:');
        console.log(result);
      }
    });

    Issues

    Developer guide

    • Start coding with one of the actual modules similar to the new one as a boilerplate.
    • Use GitHub pull requests.

    Conventions:

    • We use ESLint and Airbnb style guide.
    • Please run to be sure your code fits with it and the tests keep passing:
    npm run-script cont-int

    Debug

    We use the visionmedia module, so you have to use this environment variable:

    DEBUG=bluebox* npm start

    Commit messages rules:

    • It should be formed by a one-line subject, followed by one line of white space. Followed by one or more descriptive paragraphs, each separated by one line of white space. All of them finished by a dot.
    • If it fixes an issue, it should include a reference to the issue ID in the first line of the commit.
    • It should provide enough information for a reviewer to understand the changes and their relation to the rest of the code.

    Core devs

    Contributors

    Thanks to

    License

    This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

    This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

    You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.

    Install

    npm i bluebox-ng

    DownloadsWeekly Downloads

    9

    Version

    1.1.0

    License

    GPL-3.0

    Last publish

    Collaborators

    • jesusprubio