Skip to main content
Sandro Gauci

Sandro Gauci, Enable Security

VoIPScanner, SIP Digest Leak tutorial and more!

Published on Apr 1, 2009 in ,

Check out the tutorial. This security flaw has been getting a bit of attention so I thought of preparing a tutorial on how to use VOIPPACK to demo it. There’s the video that I posted earlier on which shows the attack in action. In the tutorial I explain how to do this step by step on a softphone and a hardphone as well.

SIP Digest Leak from Sandro Gauci on Vimeo.

Also started a new project called which is currently in private beta. If you have an internet facing IP PBX that you’d like to scan, give me a ping ;-) You might just about qualify for the private beta. Public beta will be available later this week or earlier next week.

Sandro Gauci

Sandro Gauci

CEO, Chief Mischief Officer at Enable Security

Sandro Gauci leads the operations and research at Enable Security. He is the original developer of SIPVicious OSS, the SIP security testing toolset. His role is to focus on the vision of the company, design offensive security tools and engage in security research and testing. Therefore, he is the proud owner of the title of Chief Mischief Officer at Enable Security.

He offers public office hours and is reachable here.