home.social

#voipsecurity — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #voipsecurity, aggregated by home.social.

  1. RE: infosec.exchange/@enablesecuri

    VoIP/WebRTC security has needed a DVWA equivalent for a long time. We built DVRTC: full dockerized VoIP stack, intentionally vulnerable, 7 guided exercises.

    Live instance at pbx1.dvrtc.net — try it now.

    enablesecurity.com/blog/introd

    #infosec #webrtc #voipsecurity #penetrationtesting #training

  2. RE: infosec.exchange/@enablesecuri

    VoIP/WebRTC security has needed a DVWA equivalent for a long time. We built DVRTC: full dockerized VoIP stack, intentionally vulnerable, 7 guided exercises.

    Live instance at pbx1.dvrtc.net — try it now.

    enablesecurity.com/blog/introd

    #infosec #webrtc #voipsecurity #penetrationtesting #training

  3. RE: infosec.exchange/@enablesecuri

    VoIP/WebRTC security has needed a DVWA equivalent for a long time. We built DVRTC: full dockerized VoIP stack, intentionally vulnerable, 7 guided exercises.

    Live instance at pbx1.dvrtc.net — try it now.

    enablesecurity.com/blog/introd

    #infosec #webrtc #voipsecurity #penetrationtesting #training

  4. RE: infosec.exchange/@enablesecuri

    VoIP/WebRTC security has needed a DVWA equivalent for a long time. We built DVRTC: full dockerized VoIP stack, intentionally vulnerable, 7 guided exercises.

    Live instance at pbx1.dvrtc.net — try it now.

    enablesecurity.com/blog/introd

    #infosec #webrtc #voipsecurity #penetrationtesting #training

  5. RE: infosec.exchange/@enablesecuri

    VoIP/WebRTC security has needed a DVWA equivalent for a long time. We built DVRTC: full dockerized VoIP stack, intentionally vulnerable, 7 guided exercises.

    Live instance at pbx1.dvrtc.net — try it now.

    enablesecurity.com/blog/introd

    #infosec #webrtc #voipsecurity #penetrationtesting #training

  6. Web application security has DVWA and WebGoat. VoIP and WebRTC security hasn't had anything like it ... until now.

    We built DVRTC (Damn Vulnerable Real-Time Communications): a hands-on lab for learning VoIP/WebRTC attack techniques. Full dockerized stack with Kamailio, Asterisk, rtpengine, and coturn — each configured to exhibit specific vulnerable behaviors.

    7 exercises covering SIP extension enumeration, RTP bleed, SIP digest leaks, credential cracking (online and offline), TURN relay abuse, and traffic analysis. There's a live instance at pbx1.dvrtc.net you can test against right now.

    enablesecurity.com/blog/introd

    GitHub: github.com/EnableSecurity/DVRT

    #infosec #webrtc #voipsecurity #sipsecurity #penetrationtesting #training #TURN

  7. Web application security has DVWA and WebGoat. VoIP and WebRTC security hasn't had anything like it ... until now.

    We built DVRTC (Damn Vulnerable Real-Time Communications): a hands-on lab for learning VoIP/WebRTC attack techniques. Full dockerized stack with Kamailio, Asterisk, rtpengine, and coturn — each configured to exhibit specific vulnerable behaviors.

    7 exercises covering SIP extension enumeration, RTP bleed, SIP digest leaks, credential cracking (online and offline), TURN relay abuse, and traffic analysis. There's a live instance at pbx1.dvrtc.net you can test against right now.

    enablesecurity.com/blog/introd

    GitHub: github.com/EnableSecurity/DVRT

    #infosec #webrtc #voipsecurity #sipsecurity #penetrationtesting #training #TURN

  8. Web application security has DVWA and WebGoat. VoIP and WebRTC security hasn't had anything like it ... until now.

    We built DVRTC (Damn Vulnerable Real-Time Communications): a hands-on lab for learning VoIP/WebRTC attack techniques. Full dockerized stack with Kamailio, Asterisk, rtpengine, and coturn — each configured to exhibit specific vulnerable behaviors.

    7 exercises covering SIP extension enumeration, RTP bleed, SIP digest leaks, credential cracking (online and offline), TURN relay abuse, and traffic analysis. There's a live instance at pbx1.dvrtc.net you can test against right now.

    enablesecurity.com/blog/introd

    GitHub: github.com/EnableSecurity/DVRT

    #infosec #webrtc #voipsecurity #sipsecurity #penetrationtesting #training #TURN

  9. Web application security has DVWA and WebGoat. VoIP and WebRTC security hasn't had anything like it ... until now.

    We built DVRTC (Damn Vulnerable Real-Time Communications): a hands-on lab for learning VoIP/WebRTC attack techniques. Full dockerized stack with Kamailio, Asterisk, rtpengine, and coturn — each configured to exhibit specific vulnerable behaviors.

    7 exercises covering SIP extension enumeration, RTP bleed, SIP digest leaks, credential cracking (online and offline), TURN relay abuse, and traffic analysis. There's a live instance at pbx1.dvrtc.net you can test against right now.

    enablesecurity.com/blog/introd

    GitHub: github.com/EnableSecurity/DVRT

    #infosec #webrtc #voipsecurity #sipsecurity #penetrationtesting #training #TURN

  10. Web application security has DVWA and WebGoat. VoIP and WebRTC security hasn't had anything like it ... until now.

    We built DVRTC (Damn Vulnerable Real-Time Communications): a hands-on lab for learning VoIP/WebRTC attack techniques. Full dockerized stack with Kamailio, Asterisk, rtpengine, and coturn — each configured to exhibit specific vulnerable behaviors.

    7 exercises covering SIP extension enumeration, RTP bleed, SIP digest leaks, credential cracking (online and offline), TURN relay abuse, and traffic analysis. There's a live instance at pbx1.dvrtc.net you can test against right now.

    enablesecurity.com/blog/introd

    GitHub: github.com/EnableSecurity/DVRT

    #infosec #webrtc #voipsecurity #sipsecurity #penetrationtesting #training #TURN

  11. CVE-2026-2329 — Critical VoIP RCE
    Affects: Grandstream GXP1600
    Type: Stack-based buffer overflow
    Impact: Unauthenticated RCE (root)

    Attack Path:
    • Extract SIP credentials
    • Modify SIP proxy settings
    • Transparent call interception

    Operational risk:
    • SMB exposure
    • Flat networks
    • Insufficient VoIP monitoring

    Patch available: Firmware 1.0.7.81.
    Community question:
    Are you incorporating VoIP firmware into vulnerability scanning pipelines?

    Do you log and monitor SIP configuration changes?

    Source: securityweek.com/critical-gran

    Engage below and follow TechNadu for detailed CVE intelligence and technical breakdowns.

    #ThreatIntel #VoIPSecurity #CVE20262329 #RCE #VulnerabilityManagement #NetworkDefense #Infosec #CyberRisk

  12. CVE-2026-2329 — Critical VoIP RCE
    Affects: Grandstream GXP1600
    Type: Stack-based buffer overflow
    Impact: Unauthenticated RCE (root)

    Attack Path:
    • Extract SIP credentials
    • Modify SIP proxy settings
    • Transparent call interception

    Operational risk:
    • SMB exposure
    • Flat networks
    • Insufficient VoIP monitoring

    Patch available: Firmware 1.0.7.81.
    Community question:
    Are you incorporating VoIP firmware into vulnerability scanning pipelines?

    Do you log and monitor SIP configuration changes?

    Source: securityweek.com/critical-gran

    Engage below and follow TechNadu for detailed CVE intelligence and technical breakdowns.

    #ThreatIntel #VoIPSecurity #CVE20262329 #RCE #VulnerabilityManagement #NetworkDefense #Infosec #CyberRisk

  13. CVE-2026-2329 — Critical VoIP RCE
    Affects: Grandstream GXP1600
    Type: Stack-based buffer overflow
    Impact: Unauthenticated RCE (root)

    Attack Path:
    • Extract SIP credentials
    • Modify SIP proxy settings
    • Transparent call interception

    Operational risk:
    • SMB exposure
    • Flat networks
    • Insufficient VoIP monitoring

    Patch available: Firmware 1.0.7.81.
    Community question:
    Are you incorporating VoIP firmware into vulnerability scanning pipelines?

    Do you log and monitor SIP configuration changes?

    Source: securityweek.com/critical-gran

    Engage below and follow TechNadu for detailed CVE intelligence and technical breakdowns.

    #ThreatIntel #VoIPSecurity #CVE20262329 #RCE #VulnerabilityManagement #NetworkDefense #Infosec #CyberRisk

  14. CVE-2026-2329 — Critical VoIP RCE
    Affects: Grandstream GXP1600
    Type: Stack-based buffer overflow
    Impact: Unauthenticated RCE (root)

    Attack Path:
    • Extract SIP credentials
    • Modify SIP proxy settings
    • Transparent call interception

    Operational risk:
    • SMB exposure
    • Flat networks
    • Insufficient VoIP monitoring

    Patch available: Firmware 1.0.7.81.
    Community question:
    Are you incorporating VoIP firmware into vulnerability scanning pipelines?

    Do you log and monitor SIP configuration changes?

    Source: securityweek.com/critical-gran

    Engage below and follow TechNadu for detailed CVE intelligence and technical breakdowns.

    #ThreatIntel #VoIPSecurity #CVE20262329 #RCE #VulnerabilityManagement #NetworkDefense #Infosec #CyberRisk