Feb 8, 2013

SIP/NGN Services Pen-Testing using SIP Pen-Testing Kit (Training Video)

SIP Pen-Testing Kit for Metasploit is developed to help SIP Pen-Tests. This video prepared for demonstration and training for SIP Pen-Testing Kit.

Pen-Testing Steps in the Video

  • SIP Service Discovery
    • Using OPTIONS Requests
    • Using REGISTER Requests
    • REGISTER Without Credentials
    • REGISTER With Valid Credentials
  • Call Tests
    • Direct INVITE Without Credentials
    • INVITE With Credentials
    • INVITE Spoofing With Credentials
  • DOS Tests
    • INVITE Sending to Valid Users (With/Without Credentials)
    • INVITE Sending to Numeric Range (With/Without Credentials)
  • Enumeration
    • Enumerating Users and Accounts with Numeric Range (SUBSCRIBE, REGISTER, INVITE)
    • Enumerating Users and Accounts with a Users File (SUBSCRIBE, REGISTER, INVITE)
  • Brute Force
    • Password Brute Force to a Target Account
    • Password Brute Force to a Numeric Range
    • Password Brute Force with a Users File
For Code