Skip to main content

Tags Training

SIPVicious tutorial: testing VoIP security with DVRTC

Published on Apr 13, 2026 in , , , , , , , ,

A hands-on tutorial showing how to use SIPVicious OSS to scan, enumerate, and crack SIP credentials on our DVRTC vulnerable lab at pbx1.dvrtc.net. This is an updated version of our 2020 tutorial that used the now-retired demo.sipvicious.pro server.…

Read more about SIPVicious tutorial: testing VoIP security with DVRTC

Introducing DVRTC: a vulnerable lab for RTC security

Published on Mar 27, 2026 in , , , , , , , , , ,

We’re releasing DVRTC (Damn Vulnerable Real-Time Communications), an intentionally vulnerable VoIP/WebRTC lab environment for security training and research. It comes with 7 hands-on exercises covering 12 attack paths, a live deployment at pbx1.dvrtc.net, and everything you need to start practicing RTC security testing.…

Read more about Introducing DVRTC: a vulnerable lab for RTC security

DEMO - An overview of the VoIP and RTC offensive security toolset, SIPVicious PRO

Published on May 25, 2021 in , , , , , ,

We pushed out a video that introduces the basics of SIPVicious PRO by demonstrating some of the attack tools and showing the building blocks for automating security testing of VoIP and WebRTC applications and infrastructure.

What follows is a transcript of the video.

Introduction

Hello, I’m Sandro Gauci from Enable Security. In this video, I’d like to show you what we have been working on, SIPVicious PRO! Let’s start by introducing the tools. SIPVicious PRO is a command-line toolset, meant to test the security of realtime communications, which includes Voice over IP as well as WebRTC infrastructure.

Read more about DEMO - An overview of the VoIP and RTC offensive security toolset, SIPVicious PRO

TADSummit Asia 2021 talk about SIPVicious Pro and the Demo Server

Published on May 18, 2021 in , , , , , , , ,

TADSummit is a great event where people from different backgrounds that are somehow involved in communications, contribute in various ways. I, personally, always look forward to see what’s coming up in the next TADSummit event. At the moment, TADSummit Asia presentations are currently being released on a daily basis on the main site. And last week, the presentation that I prepared was published!

In the previous TADSummit, I had presented about why we need to bring an offensive approach to RTC security. In this one, I introduce our contributions to the space, i.e. SIPVicious OSS, SIPVicious PRO and the demo server.

Read more about TADSummit Asia 2021 talk about SIPVicious Pro and the Demo Server

Subscribe

Receive high-quality, low-volume RTC security research, news and occasional updates about what we're up to.

Interested in our services? Let's collaborate.
Get in touch

We hate spam and are committed to protecting and respecting your privacy. You can unsubscribe from our communications at any time. By subscribing, you are agreeing to the Privacy Policy.