Posts

SIPVicious PRO beta release contains SIP fuzzer and better automation
Published Dec 3, 2020
How doing QA testing for SIPVicious PRO led to an Asterisk DoS
Published Nov 10, 2020
ClueCon Weekly with Sandro Gauci, demonstration of SIP Digest Leak
Published Oct 16, 2020
RTC Security chat at Kamailio World Online with Daniel and Olle
Published Oct 5, 2020
The great Kamailio security debate and some misconceptions debunked
Published Sep 22, 2020
Smuggling SIP headers past Session Border Controllers FTW!
Published Sep 1, 2020
Kamailio World Online SIP and VoIP Security Panel
Published Aug 27, 2020
Bug bounty bout report 0x01 - WebRTC edition
Published Jun 16, 2020
Attacking a real VoIP System with SIPVicious OSS
Published Jun 8, 2020
SIPVicious PRO v6.0.0 alpha.5 available to our clients
Published Jun 3, 2020
A gentle introduction to caller ID spoofing
Published May 7, 2020
Awesome RTC hacking list published on Github
Published Apr 29, 2020
Jitsi Meet on Docker default passwords - how bad is it, how to detect and fix it
Published Apr 20, 2020
How we abused Slack's TURN servers to gain access to internal services
Published Apr 6, 2020
What's up with SIPVicious PRO?
Published Mar 30, 2020
SIPVicious OSS 0.3.0 released
Published Mar 10, 2020
Fuzzing PJSIP and chan_skinny, vulnerability information and advisories
Published May 23, 2017
New Mascot and Tshirts!! and .. Kamailio World 2016 - 9 Years Of Friendly Scanning And Vicious SIP
Published May 24, 2016
Time flies! A summary of updates for the past few years and Kamailio World!
Published May 13, 2016
If SIPVicious gives you a ring...
Published Dec 10, 2012
SIPVicious 0.2.7 released and rewrite coming up, looking for testers!
Published Feb 22, 2012
Asterisk forensics: the logs vs the attackers
Published Jan 2, 2012
VOIPPACK updated to v1.4
Published Jan 25, 2011
11 million Euro loss in VoIP fraud .. and my VoIP logs
Published Dec 14, 2010
Distributed SIP scanning during Halloween weekend
Published Nov 4, 2010
AstriCon roundup and vendors adding security features
Published Oct 29, 2010
BruCON Training: Module 4, Attacking Unified Communications
Published Sep 7, 2010
BruCON Training: Module 3, Attacking the media
Published Sep 2, 2010
BruCON Training: Module 2, Attacking signaling protocols
Published Sep 1, 2010
BruCON Training: Module 1, An Introduction to ...
Published Aug 31, 2010
BruCON Training: A crashcourse in pentesting VOIP networks (update)
Published Aug 30, 2010
New beta of VIPER VAST released 2.76
Published Jul 21, 2010
How to crash SIPVicious - introducing svcrash.py
Published Jun 22, 2010
A crashcourse in pentesting VOIP networks at BruCON 2010
Published Jun 8, 2010
Getting root access on Cisco CallManager 7 and 8 Server, Athcon, updates in new tool tftptheft and the VoIP honeynet challenge
Published Jun 1, 2010
New tool in the works: TFTPTheft
Published May 28, 2010
SIPVicious 0.2.5 out
Published May 19, 2010
RTP Traffic to 1.1.1.1
Published Feb 3, 2010
On breaking phonecall encryption and publishing fake research
Published Feb 1, 2010
Getting phonecalls during the middle of the night on your Asterisk server?
Published Dec 10, 2009
VIPER VAST includes SIPVicious
Published Oct 5, 2009
VoIP security workshop at BruCON 2009
Published Sep 17, 2009
SEC-T in Sweden and SIPVicious update in svn
Published Sep 7, 2009
HARrrr - Hacking at random
Published Aug 13, 2009
How law enforcement sees VoIP
Published Jul 27, 2009
Scan your public facing PBX with VOIPSCANNER.com
Published Jul 17, 2009
Scanning the Intertubes for VoIP at CONFidence
Published May 10, 2009
Troopers09 & IAX2 support
Published Apr 15, 2009
SaaS VoIP Security Scanning with VOIPSCANNER.com
Published Apr 7, 2009
VoIPScanner, SIP Digest Leak tutorial and more!
Published Apr 1, 2009
How to set up a VoIP lab
Published Mar 24, 2009
Late March updates
Published Mar 17, 2009
How to identify Asterisk servers and upload MOSDEF on AsteriskNOW
Published Feb 18, 2009
Phone phreaks are now using call forwarding features to make free phonecalls!
Published Jan 21, 2009
VOIPPACK released
Published Jan 6, 2009
VOIP Scanning on the increase
Published Jan 6, 2009
Introducing EnableSecurity VoIPPack
Published Dec 13, 2008
Off to RSA Europe 2008
Published Oct 26, 2008
Analysis of a VoIP Attack
Published Oct 24, 2008
Upcoming changes in SIPVicious
Published Sep 9, 2008
Homeland Security Dept's PBX hacked?
Published Aug 21, 2008
Surf Jack - HTTPS will not save you
Published Aug 11, 2008
New SIPVicious release 0.2.4
Published Aug 10, 2008
Backtrack 3 out - with VoIP security tools
Published Jun 20, 2008
Ladies and Gentlemen please welcome..
Published Jun 17, 2008
SIPVicious tools roadmap
Published Jun 11, 2008
SIPVicious version 0.2.3 with fingerprinting and dns goodies
Published Jun 3, 2008
VoIP and identity fraud on the BBC
Published May 15, 2008
Defcon 15 videos - VoIP related talks
Published May 2, 2008
OSSEC v1.5 now has builtin Asterisk rules
Published May 2, 2008
Infosec Europe 2008
Published Apr 22, 2008
New instructional videos and articles
Published Apr 20, 2008
Storming SIP Security - now available just a click away
Published Apr 1, 2008
Blackhat Europe Briefings Day 2
Published Mar 29, 2008
Blackhat Europe Briefings Day 1
Published Mar 28, 2008
Blackhat Europe && Twitter
Published Mar 27, 2008
Blackhat Europe
Published Mar 23, 2008
SIPVicious tool suite on Backtrack 3 beta
Published Mar 21, 2008
Using OSSEC to detect attacks on an Asterisk box
Published Mar 15, 2008
Swatters using VoIP to spoof caller id
Published Mar 14, 2008
Storming SIP Security
Published Feb 22, 2008
Detecting SIP attacks with Snort
Published Feb 17, 2008
SIP, TLS and Asterisk 1.6
Published Feb 8, 2008
Most popular topics on SIPVicious blog
Published Feb 4, 2008
SIP Fingerprinting in SVN
Published Jan 27, 2008
Call Jacking: Phreaking the BT home hub
Published Jan 21, 2008
Vishing alarming rise
Published Jan 21, 2008
VoIP Security Vulnerabilities - a SANS GIAC paper
Published Jan 11, 2008
24c3 quick roundup
Published Dec 31, 2007
24c3 photos
Published Dec 28, 2007
Whats brewing on the SIPVicious front
Published Dec 19, 2007
Password policies for PBX servers
Published Dec 11, 2007
24C3 coming up
Published Dec 1, 2007
introduction to svcrack
Published Nov 29, 2007
SIPtap and tapping phone calls
Published Nov 24, 2007
its the end of the world as we know it
Published Nov 21, 2007
introduction to svmap
Published Nov 20, 2007
SIPVicious version 0.2.1 released
Published Nov 7, 2007
re-INVITE and authentication
Published Nov 5, 2007
SIPVicious 0.2.1 public beta
Published Nov 3, 2007
More on INVITEing phones to ring
Published Oct 30, 2007
how (not) to get your ex back
Published Oct 30, 2007
Server impersonation and SIP
Published Oct 28, 2007
How to get the job done - a short story
Published Oct 23, 2007
tshirts and mugs!
Published Oct 20, 2007
Wiki updates
Published Oct 18, 2007
Bluebox podcast mentions SIPVicious
Published Oct 13, 2007
XSS in Linksys SPA941
Published Oct 12, 2007
On reporting bugs and recent bug fixes
Published Oct 11, 2007
SIPVicious 0.2 released
Published Oct 8, 2007
Ladies and Gentlemen, please welcome
Published Oct 6, 2007
SIPVicious tools 0.1.9 .. aka 0.2 beta
Published Oct 3, 2007
A SIP Introduction
Published Sep 27, 2007
Another interview with Robert Moore
Published Sep 26, 2007
MediaDefender Phone Call was over VoIP
Published Sep 18, 2007
Microsoft VoIP As You Are
Published Sep 18, 2007
SIPVicious tools in the works
Published Sep 11, 2007
SIP Security with Cullen Jennings of IETF and Cisco
Published Sep 8, 2007
Security Analysis of Voice-over-IP Protocols
Published Sep 7, 2007
VoIP security related blogs
Published Aug 30, 2007
How to turn a Grandstream SIP phone into a remote bug
Published Aug 24, 2007
Updates to SIPVicious tools
Published Aug 24, 2007
Cisco IP Phone 7940 exploits
Published Aug 22, 2007
SIP softphone buffer overflow demo
Published Aug 8, 2007
Interview with a VoIP hacker
Published Aug 3, 2007
SIPVicious tools for auditing SIP devices
Published Jul 29, 2007
SIPVicious launched
Published Jul 29, 2007