Skip to content

EnableSecurity/awesome-rtc-hacking

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

34 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Awesome Real-time Communications Security Awesome

A curated list of Real-time Communications (RTC) security resources focused on VoIP, WebRTC and VoLTE penetration testing, security research and vulnerability assessment.

Latest Updates

  • 2026-06: Add new tools (TURNado, TURNt, sipexer, twilio-security-scanner, H26Forge) and vulnerable labs (DVRTC, RTC_Attacks)
  • 2024-12: Updated broken links and references
  • 2024-12: Add new blogs

Contributing

Your contributions are always welcome! Please read the contribution guidelines first:

  • Check if the resource is still active/available
  • Add a short description for tools and papers
  • Include publication dates where applicable
  • Keep descriptions concise and clear
  • Sort entries alphabetically within sections
  • Check your spelling and grammar
  • Make sure your text editor is set to remove trailing whitespace

License

CC0

To the extent possible under law, the authors have waived all copyright and related rights to this work.

Table of Contents

Newsletters

Presentation Slides

Videos

Advisories

Open-source tools

  • SIPVicious OSS - A set of tools to audit SIP based systems
  • SIPPTS - Another set of tools to audit VoIP servers and devices using SIP protocol.
  • bluebox-ng - Pentesting framework using Node.js powers, focused in VoIP. (public archive)
  • SigPloit - Tool which covers all used SS7, GTP (3G), Diameter (4G) or even SIP protocols for IMS and VoLTE infrastructures.
  • vsaudit - VoIP security assessment framework.
  • rtpnatscan - Tool which tests for rtpbleed vulnerability.
  • VIPROY - VoIP pentest framework which can be used with the metasploit-framework.
  • SIP Proxy - A VoIP security testing tool.
  • Metasploit auxiliary modules
  • SIPp: SIP based test tool / traffic generator.
  • Mr.SIP - SIP based audit and attack tool.
  • VoIPShark - Open Source VoIP Analysis Platform
  • Turner - PoC for tunnelling HTTP over a permissive/open TURN server.
  • sipsak - SIP swiss army knife, has some features that can be used for security testing (e.g. flood more or random mode)
  • sipexer - modern and flexible SIP command line client for testing SIP servers and devices, with custom requests, registration floods, stateful dialogues and lightweight fuzzing.
  • turnproxy - Tool to abuse open TURN relays
  • SeeYouCM Thief - download and parse configuration files from Cisco phone systems searching for SSH credentials
  • stunner - a tool to test and exploit STUN, TURN and TURN over TCP servers.
  • TURNado - TURN attack toolkit from SySS that automates internal IP disclosure, UDP relay forwarding to internal/loopback services, SOCKS proxying, layer-3 tunnelling and allocation-based DoS.
  • TURNt - PoC from Praetorian that abuses TURN servers (e.g. Zoom and Teams) to tunnel command-and-control traffic over web-conferencing infrastructure (the "Ghost Calls" technique).
  • VoIP Hopper - a tool to exploit insecure VLANs that are often found in IP Telephony infrastructure.
  • twilio-security-scanner - scans Twilio Serverless deployments for misconfigurations such as public functions and assets, unencrypted webhooks and stale API keys.
  • H26Forge - generates and fuzzes syntactically valid but spec-non-compliant H.264 video to find decoder vulnerabilities (relevant to WebRTC video attack surface).

Papers

Blogs

Notable blog posts and articles

Books

Vulnerabilities

The following are generic or common vulnerabilities that are related to either signalling, media or infrastructure.

CTFs and Learning Resources

Related lists

Contributors