NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Pen-test> 2009-05

WarVOX 1.0.1 Released

From: H D Moore (sflistdigitaloffense.net)
Date: Fri May 15 2009 - 08:45:29 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Version 1.0.1 of the WarVOX phone analysis suite has been released.
Notable changes since 1.0.0:

  - License changed to BSD, no restrictions on commercial use
  - Support number exclusion lists / black lists (regex based)
  - Support for phone number ranges in addition to masks
  - Support for multiple ranges and masks per job
  - Numerous bug fixes and stability improvements
  - Command line script for exporting dial results (bin/export_list.rb)

Download:
http://warvox.org/releases/warvox-1.0.1.tar.gz

Background:
http://warvox.org/

WarVOX is a suite of tools for exploring, classifying, and auditing
telephone systems. Unlike normal wardialing tools, WarVOX works with the
actual audio from each call and does not use a modem directly. This model
allows WarVOX to find and classify a wide range of interesting lines,
including modems, faxes, voice mail boxes, PBXs, loops, dial tones, IVRs,
and forwarders. WarVOX provides the unique ability to classify all
telephone lines in a given range, not just those connected to modems,
allowing for a comprehensive audit of a telephone system.

WarVOX requires no telephony hardware and is massively scalable by
leveraging Internet-based VoIP providers. A single instance of WarVOX on a
residential broadband connection, with a typical VoIP account, can scan
over 1,000 numbers per hour. The speed of WarVOX is limited only by
downstream bandwidth and the limitations of the VoIP service. Using two
providers with over 40 concurrent lines we have been able to scan entire
10,000 number prefixes within 3 hours.

-HD

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]