Skip to main content

RTC security
Research, talks and tools

We are researchers in cyber-security, continually educating ourselves and developing knowledge and code. By sharing what we learn, we hope to push RTC security forward.

Illustration of a gas mask, papers flying and a chemical flask

Our Toolbelt

Tools that we developed to help us with our research, penetration testing and security audits. Some of these tools are or will be incorporated into SIPVicious PRO.

SIPVicious PRO Commercial

A professional toolset for testing real-time communications security

SIPVicious OSS Open Source

A set of tools for testing the security of SIP infrastructure

Stunner Internal

STUN and TURN offensive tool featuring proxy abuse, fuzzing and manual testing

Gasoline Internal

Fuzzer for SIP and RTP used to discover vulnerabilities in various SIP solutions

XMPPScanner Internal

XMPP enumeration, DoS security tests and manual testing tool

Connflood Internal

An extremely effective DoS tool that creates TCP connections and keeps them open

Janus Prober Internal

A tool for probing Janus and manual testing

Web root inspector Internal

A web server security analysis tool for finding interesting or rogue files, including backdoors

ES toolkit Internal

Tool for testing software with different configurations in virtual environments

Cert forger Internal

Creates self-signed certificates that have the same certificate details as the original certificate

Simple TLS MITM Internal

A very simple TLS MITM tool, especially useful for SIP MITM tests

TFTP Theft Open Source

Quick bruteforce tool for TFTP servers, useful for attacking provisioning systems

WAFW00F Open Source

Detect web application firewalls