Skip to main content

Tags denial of service

Massive DDoS attacks on VoIP Providers and simulated DDoS testing

Published on Sep 24, 2021 in ,

VoIP.ms and other VoIP providers under DDoS attack At the time of writing, a major VoIP provider called VoIP.ms is under a distributed denial of service (DDoS) attack since over a week. As a result, they are unable to serve their customers with everyone and their dog complaining that they cannot connect to VoIP.ms’s SIP servers as well as other resources. At the same time, someone claiming to be part of the REvil ransomware group is blackmailing the provider.…

Read more about Massive DDoS attacks on VoIP Providers and simulated DDoS testing

DEMO - An overview of the VoIP and RTC offensive security toolset, SIPVicious PRO

We pushed out a video that introduces the basics of SIPVicious PRO by demonstrating some of the attack tools and showing the building blocks for automating security testing of VoIP and WebRTC applications and infrastructure. What follows is a transcript of the video. Introduction Hello, I’m Sandro Gauci from Enable Security. In this video, I’d like to show you what we have been working on, SIPVicious PRO! Let’s start by introducing the tools.…

Read more about DEMO - An overview of the VoIP and RTC offensive security toolset, SIPVicious PRO

TADSummit Asia 2021 talk about SIPVicious Pro and the Demo Server

TADSummit is a great event where people from different backgrounds that are somehow involved in communications, contribute in various ways. I, personally, always look forward to see what’s coming up in the next TADSummit event. At the moment, TADSummit Asia presentations are currently being released on a daily basis on the main site. And last week, the presentation that I prepared was published! In the previous TADSummit, I had presented about why we need to bring an offensive approach to RTC security.…

Read more about TADSummit Asia 2021 talk about SIPVicious Pro and the Demo Server

How doing QA testing for SIPVicious PRO led to an Asterisk DoS

Executive summary (TL;DR) While heavily testing SIPVicious PRO for bugs, we encountered an unexpected crash in Asterisk. We reported this to the Asterisk team, who recently issued a fix. If you’re a vendor, you too can beta test SIPVicious PRO! How the Asterisk crash was found We test our software as much as we can because, like any other software, ours contains bugs too! When it comes to SIPVicious PRO, one of our quality assurance tests is to run it against instances of Asterisk and Kamailio and check for expected results.…

Read more about How doing QA testing for SIPVicious PRO led to an Asterisk DoS