Posts
-
SIPVicious OSS 0.3.3 released with new STDIN and target URL specification
Published Mar 25, 2021 -
Bug discovery diaries: Abusing VoIPmonitor for Remote Code Execution
Published Mar 16, 2021 -
VoIPmonitor advisories: buffer overflow leading to RCE + XSS vulnerabilities
Published Mar 15, 2021 -
SIPVicious OSS 0.3.2 released with more IPv6 goodness!
Published Mar 3, 2021 -
Communication Breakdown / rtcsec also on FreeRTC and SIP Planet
Published Feb 12, 2021 -
SIPVicious PRO 6.0.0-beta.2 takes STDIN and fixes various bugs
Published Feb 9, 2021 -
Details about CVE-2020-26262, bypass of Coturn's default access control protection
Published Jan 11, 2021 -
Bug discovery diaries: uncovering sngrep overflow issues with blackbox fuzzing
Published Jan 5, 2021 -
SIPVicious PRO beta release contains SIP fuzzer and better automation
Published Dec 3, 2020 -
How doing QA testing for SIPVicious PRO led to an Asterisk DoS
Published Nov 10, 2020 -
ClueCon Weekly with Sandro Gauci, demonstration of SIP Digest Leak
Published Oct 16, 2020 -
RTC Security chat at Kamailio World Online with Daniel and Olle
Published Oct 5, 2020 -
The great Kamailio security debate and some misconceptions debunked
Published Sep 22, 2020 -
Smuggling SIP headers past Session Border Controllers FTW!
Published Sep 1, 2020 -
Kamailio World Online SIP and VoIP Security Panel
Published Aug 27, 2020 -
Bug bounty bout report 0x01 - WebRTC edition
Published Jun 16, 2020 -
Attacking a real VoIP System with SIPVicious OSS
Published Jun 8, 2020 -
SIPVicious PRO v6.0.0 alpha.5 available to our clients
Published Jun 3, 2020 -
A gentle introduction to caller ID spoofing
Published May 7, 2020 -
Awesome RTC hacking list published on Github
Published Apr 29, 2020 -
Jitsi Meet on Docker default passwords - how bad is it, how to detect and fix it
Published Apr 20, 2020 -
How we abused Slack's TURN servers to gain access to internal services
Published Apr 6, 2020 -
What's up with SIPVicious PRO?
Published Mar 30, 2020 -
SIPVicious OSS 0.3.0 released
Published Mar 10, 2020 -
Fuzzing PJSIP and chan_skinny, vulnerability information and advisories
Published May 23, 2017 -
New Mascot and Tshirts!! and .. Kamailio World 2016 - 9 Years Of Friendly Scanning And Vicious SIP
Published May 24, 2016 -
Time flies! A summary of updates for the past few years and Kamailio World!
Published May 13, 2016 -
If SIPVicious gives you a ring...
Published Dec 10, 2012 -
SIPVicious 0.2.7 released and rewrite coming up, looking for testers!
Published Feb 22, 2012 -
Asterisk forensics: the logs vs the attackers
Published Jan 2, 2012 -
VOIPPACK updated to v1.4
Published Jan 25, 2011 -
11 million Euro loss in VoIP fraud .. and my VoIP logs
Published Dec 14, 2010 -
Distributed SIP scanning during Halloween weekend
Published Nov 4, 2010 -
AstriCon roundup and vendors adding security features
Published Oct 29, 2010 -
BruCON Training: Module 4, Attacking Unified Communications
Published Sep 7, 2010 -
BruCON Training: Module 3, Attacking the media
Published Sep 2, 2010 -
BruCON Training: Module 2, Attacking signaling protocols
Published Sep 1, 2010 -
BruCON Training: Module 1, An Introduction to ...
Published Aug 31, 2010 -
BruCON Training: A crashcourse in pentesting VOIP networks (update)
Published Aug 30, 2010 -
New beta of VIPER VAST released 2.76
Published Jul 21, 2010 -
How to crash SIPVicious - introducing svcrash.py
Published Jun 22, 2010 -
A crashcourse in pentesting VOIP networks at BruCON 2010
Published Jun 8, 2010 -
Getting root access on Cisco CallManager 7 and 8 Server, Athcon, updates in new tool tftptheft and the VoIP honeynet challenge
Published Jun 1, 2010 -
New tool in the works: TFTPTheft
Published May 28, 2010 -
SIPVicious 0.2.5 out
Published May 19, 2010 -
RTP Traffic to 1.1.1.1
Published Feb 3, 2010 -
On breaking phonecall encryption and publishing fake research
Published Feb 1, 2010 -
Getting phonecalls during the middle of the night on your Asterisk server?
Published Dec 10, 2009 -
VIPER VAST includes SIPVicious
Published Oct 5, 2009 -
VoIP security workshop at BruCON 2009
Published Sep 17, 2009 -
SEC-T in Sweden and SIPVicious update in svn
Published Sep 7, 2009 -
HARrrr - Hacking at random
Published Aug 13, 2009 -
How law enforcement sees VoIP
Published Jul 27, 2009 -
Scan your public facing PBX with VOIPSCANNER.com
Published Jul 17, 2009 -
Scanning the Intertubes for VoIP at CONFidence
Published May 10, 2009 -
Troopers09 & IAX2 support
Published Apr 15, 2009 -
SaaS VoIP Security Scanning with VOIPSCANNER.com
Published Apr 7, 2009 -
VoIPScanner, SIP Digest Leak tutorial and more!
Published Apr 1, 2009 -
How to set up a VoIP lab
Published Mar 24, 2009 -
Late March updates
Published Mar 17, 2009 -
How to identify Asterisk servers and upload MOSDEF on AsteriskNOW
Published Feb 18, 2009 -
Phone phreaks are now using call forwarding features to make free phonecalls!
Published Jan 21, 2009 -
VOIPPACK released
Published Jan 6, 2009 -
VOIP Scanning on the increase
Published Jan 6, 2009 -
Introducing EnableSecurity VoIPPack
Published Dec 13, 2008 -
Off to RSA Europe 2008
Published Oct 26, 2008 -
Analysis of a VoIP Attack
Published Oct 24, 2008 -
Upcoming changes in SIPVicious
Published Sep 9, 2008 -
Homeland Security Dept's PBX hacked?
Published Aug 21, 2008 -
Surf Jack - HTTPS will not save you
Published Aug 11, 2008 -
New SIPVicious release 0.2.4
Published Aug 10, 2008 -
Backtrack 3 out - with VoIP security tools
Published Jun 20, 2008 -
Ladies and Gentlemen please welcome..
Published Jun 17, 2008 -
SIPVicious tools roadmap
Published Jun 11, 2008 -
SIPVicious version 0.2.3 with fingerprinting and dns goodies
Published Jun 3, 2008 -
VoIP and identity fraud on the BBC
Published May 15, 2008 -
Defcon 15 videos - VoIP related talks
Published May 2, 2008 -
OSSEC v1.5 now has builtin Asterisk rules
Published May 2, 2008 -
Infosec Europe 2008
Published Apr 22, 2008 -
New instructional videos and articles
Published Apr 20, 2008 -
Storming SIP Security - now available just a click away
Published Apr 1, 2008 -
Blackhat Europe Briefings Day 2
Published Mar 29, 2008 -
Blackhat Europe Briefings Day 1
Published Mar 28, 2008 -
Blackhat Europe && Twitter
Published Mar 27, 2008 -
Blackhat Europe
Published Mar 23, 2008 -
SIPVicious tool suite on Backtrack 3 beta
Published Mar 21, 2008 -
Using OSSEC to detect attacks on an Asterisk box
Published Mar 15, 2008 -
Swatters using VoIP to spoof caller id
Published Mar 14, 2008 -
Storming SIP Security
Published Feb 22, 2008 -
Detecting SIP attacks with Snort
Published Feb 17, 2008 -
SIP, TLS and Asterisk 1.6
Published Feb 8, 2008 -
Most popular topics on SIPVicious blog
Published Feb 4, 2008 -
SIP Fingerprinting in SVN
Published Jan 27, 2008 -
Call Jacking: Phreaking the BT home hub
Published Jan 21, 2008 -
Vishing alarming rise
Published Jan 21, 2008 -
VoIP Security Vulnerabilities - a SANS GIAC paper
Published Jan 11, 2008 -
24c3 quick roundup
Published Dec 31, 2007 -
24c3 photos
Published Dec 28, 2007 -
Whats brewing on the SIPVicious front
Published Dec 19, 2007 -
Password policies for PBX servers
Published Dec 11, 2007 -
24C3 coming up
Published Dec 1, 2007 -
introduction to svcrack
Published Nov 29, 2007 -
SIPtap and tapping phone calls
Published Nov 24, 2007 -
its the end of the world as we know it
Published Nov 21, 2007 -
introduction to svmap
Published Nov 20, 2007 -
SIPVicious version 0.2.1 released
Published Nov 7, 2007 -
re-INVITE and authentication
Published Nov 5, 2007 -
SIPVicious 0.2.1 public beta
Published Nov 3, 2007 -
More on INVITEing phones to ring
Published Oct 30, 2007 -
how (not) to get your ex back
Published Oct 30, 2007 -
Server impersonation and SIP
Published Oct 28, 2007 -
How to get the job done - a short story
Published Oct 23, 2007 -
tshirts and mugs!
Published Oct 20, 2007 -
Wiki updates
Published Oct 18, 2007 -
Bluebox podcast mentions SIPVicious
Published Oct 13, 2007 -
XSS in Linksys SPA941
Published Oct 12, 2007 -
On reporting bugs and recent bug fixes
Published Oct 11, 2007 -
SIPVicious 0.2 released
Published Oct 8, 2007 -
Ladies and Gentlemen, please welcome
Published Oct 6, 2007 -
SIPVicious tools 0.1.9 .. aka 0.2 beta
Published Oct 3, 2007 -
A SIP Introduction
Published Sep 27, 2007 -
Another interview with Robert Moore
Published Sep 26, 2007 -
MediaDefender Phone Call was over VoIP
Published Sep 18, 2007 -
Microsoft VoIP As You Are
Published Sep 18, 2007 -
SIPVicious tools in the works
Published Sep 11, 2007 -
SIP Security with Cullen Jennings of IETF and Cisco
Published Sep 8, 2007 -
Security Analysis of Voice-over-IP Protocols
Published Sep 7, 2007 -
VoIP security related blogs
Published Aug 30, 2007 -
How to turn a Grandstream SIP phone into a remote bug
Published Aug 24, 2007 -
Updates to SIPVicious tools
Published Aug 24, 2007 -
Cisco IP Phone 7940 exploits
Published Aug 22, 2007 -
SIP softphone buffer overflow demo
Published Aug 8, 2007 -
Interview with a VoIP hacker
Published Aug 3, 2007 -
SIPVicious tools for auditing SIP devices
Published Jul 29, 2007 -
SIPVicious launched
Published Jul 29, 2007