home.social
Sign in Create account

#sipsecurity — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #sipsecurity, aggregated by home.social.

  1. Enable Security @[email protected] ·

    Web application security has DVWA and WebGoat. VoIP and WebRTC security hasn't had anything like it ... until now.

    We built DVRTC (Damn Vulnerable Real-Time Communications): a hands-on lab for learning VoIP/WebRTC attack techniques. Full dockerized stack with Kamailio, Asterisk, rtpengine, and coturn — each configured to exhibit specific vulnerable behaviors.

    7 exercises covering SIP extension enumeration, RTP bleed, SIP digest leaks, credential cracking (online and offline), TURN relay abuse, and traffic analysis. There's a live instance at pbx1.dvrtc.net you can test against right now.

    enablesecurity.com/blog/introd

    GitHub: github.com/EnableSecurity/DVRT

    #infosec #webrtc #voipsecurity #sipsecurity #penetrationtesting #training #TURN

    #infosec #webrtc #voipsecurity #sipsecurity #penetrationtesting #training
  2. Enable Security @[email protected] ·

    Web application security has DVWA and WebGoat. VoIP and WebRTC security hasn't had anything like it ... until now.

    We built DVRTC (Damn Vulnerable Real-Time Communications): a hands-on lab for learning VoIP/WebRTC attack techniques. Full dockerized stack with Kamailio, Asterisk, rtpengine, and coturn — each configured to exhibit specific vulnerable behaviors.

    7 exercises covering SIP extension enumeration, RTP bleed, SIP digest leaks, credential cracking (online and offline), TURN relay abuse, and traffic analysis. There's a live instance at pbx1.dvrtc.net you can test against right now.

    enablesecurity.com/blog/introd

    GitHub: github.com/EnableSecurity/DVRT

    #infosec #webrtc #voipsecurity #sipsecurity #penetrationtesting #training #TURN

    #infosec #webrtc #voipsecurity #sipsecurity #penetrationtesting #training
  3. Enable Security @[email protected] ·

    Web application security has DVWA and WebGoat. VoIP and WebRTC security hasn't had anything like it ... until now.

    We built DVRTC (Damn Vulnerable Real-Time Communications): a hands-on lab for learning VoIP/WebRTC attack techniques. Full dockerized stack with Kamailio, Asterisk, rtpengine, and coturn — each configured to exhibit specific vulnerable behaviors.

    7 exercises covering SIP extension enumeration, RTP bleed, SIP digest leaks, credential cracking (online and offline), TURN relay abuse, and traffic analysis. There's a live instance at pbx1.dvrtc.net you can test against right now.

    enablesecurity.com/blog/introd

    GitHub: github.com/EnableSecurity/DVRT

    #infosec #webrtc #voipsecurity #sipsecurity #penetrationtesting #training #TURN

    #infosec #webrtc #voipsecurity #sipsecurity #penetrationtesting #training
  4. Enable Security @[email protected] ·

    Web application security has DVWA and WebGoat. VoIP and WebRTC security hasn't had anything like it ... until now.

    We built DVRTC (Damn Vulnerable Real-Time Communications): a hands-on lab for learning VoIP/WebRTC attack techniques. Full dockerized stack with Kamailio, Asterisk, rtpengine, and coturn — each configured to exhibit specific vulnerable behaviors.

    7 exercises covering SIP extension enumeration, RTP bleed, SIP digest leaks, credential cracking (online and offline), TURN relay abuse, and traffic analysis. There's a live instance at pbx1.dvrtc.net you can test against right now.

    enablesecurity.com/blog/introd

    GitHub: github.com/EnableSecurity/DVRT

    #infosec #webrtc #voipsecurity #sipsecurity #penetrationtesting #training #TURN

    #turn #training #penetrationtesting #sipsecurity #voipsecurity #webrtc