Skip to main content

Tags Devops

SIPVicious PRO incremental update - and Gitlab CI/CD examples

Published on Mar 7, 2023 in , , , , ,

We just pushed out a new SIPVicious PRO update to our subscribing members! This version does not include any new major features. Instead, it fixes various bugs and brings missing but necessary features to various SIPVicious PRO tools. We have the following highlights in this update:

  • Documentation now includes realistic Gitlab CI/CD examples
  • The RTP fuzzer in the experimental version now supports SRTP
  • Support for new SIP DoS flood request methods
  • The RTP inject tool can now specify the RTP’s SSRC and payload ID
  • The SIP password cracking tool now supports closing the connection upon each attempt
  • The SIP ping utility supports INVITE

For the boring details, including a list of bug fixes, do read the release notes for v6.0.0-experimental.6 and v6.0.0-beta.6.

Read more about SIPVicious PRO incremental update - and Gitlab CI/CD examples

DEMO - An overview of the VoIP and RTC offensive security toolset, SIPVicious PRO

Published on May 25, 2021 in , , , , , ,

We pushed out a video that introduces the basics of SIPVicious PRO by demonstrating some of the attack tools and showing the building blocks for automating security testing of VoIP and WebRTC applications and infrastructure.

What follows is a transcript of the video.

Introduction

Hello, I’m Sandro Gauci from Enable Security. In this video, I’d like to show you what we have been working on, SIPVicious PRO! Let’s start by introducing the tools. SIPVicious PRO is a command-line toolset, meant to test the security of realtime communications, which includes Voice over IP as well as WebRTC infrastructure.

Read more about DEMO - An overview of the VoIP and RTC offensive security toolset, SIPVicious PRO

TADSummit Asia 2021 talk about SIPVicious Pro and the Demo Server

Published on May 18, 2021 in , , , , , , , ,

TADSummit is a great event where people from different backgrounds that are somehow involved in communications, contribute in various ways. I, personally, always look forward to see what’s coming up in the next TADSummit event. At the moment, TADSummit Asia presentations are currently being released on a daily basis on the main site. And last week, the presentation that I prepared was published!

In the previous TADSummit, I had presented about why we need to bring an offensive approach to RTC security. In this one, I introduce our contributions to the space, i.e. SIPVicious OSS, SIPVicious PRO and the demo server.

Read more about TADSummit Asia 2021 talk about SIPVicious Pro and the Demo Server

Subscribe

Receive high-quality, low-volume RTC security research, news and occasional updates about what we're up to.

Interested in our services? Let's collaborate.
Get in touch

We hate spam and are committed to protecting and respecting your privacy. You can unsubscribe from our communications at any time. By subscribing, you are agreeing to the Privacy Policy.