Skip to content

IEISI-ORG/voip_course

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

134 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

VoIPSec — Secure Open-source VoIP Operations Certificate

An open-source, security-first VoIP training course modelled on The SIP School's SSCA "Elite" programme but rebuilt around open-source tools and an emphasis on secure VoIP operations. It pairs a written curriculum (20 modules (incl. DNS) + capstone) with a single, growing, reproducible Docker lab that learners build, attack, defend, and operate across the course. Completing it earns the Certified VoIPSec Operator (CVO) credential.

Status: build backlog complete — full curriculum, lab, all graded labs, assessments, capstone harness, instructor material + rendered slides, CI, references. See Progress.

What's here

Path What it is
course/00-course-overview.md Master design: outcomes, module map, assessment model, security spine
course/modules/ Per-module deep dives (5-beat: concept → packet → build → attack/defend → lab)
course/assessments/ Checkpoint exams (answer keys + rubrics)
course/references/ Bibliography (RFCs/standards/KBs) + glossary
course/requirements-traceability.md Requirements → status → evidence matrix
course/README.md Course index + SIP School → VoIPSec coverage crosswalk
lab/ The reproducible Docker lab (SBC, PBXs, trunk, clients, observability, red-team)
lab/labs/ Per-module hands-on labs with verify.sh auto-graders

Plan & progress reports

The lab in one glance

Four segmented Docker networks — edge (untrusted), core (trusted), mgmt (observability), redteam (isolated) — with Kamailio+rtpengine SBC, Asterisk and FreeSWITCH PBXs, a SIPp PSTN simulator, a softphone/load-test client, an (profile-gated) HOMER/Prometheus/Grafana/Loki/Wazuh stack, and a scope-guarded offensive toolbox. Quick start in lab/README.md.

How this repo is built

Content is produced by an autonomous loop, one coherent unit per iteration, each committed and pushed. Reviewer feedback dropped as feedback*.txt/.md in the repo root is processed with priority, then deleted (feedback files are gitignored — ephemeral steering, not repo content; what each asked is recorded in the build-plan feedback log and the traceability matrix). Security findings from automated review are addressed and logged.

Progress

  • Iteration: 94 · Date: 2026-07-05 · HEAD: git log --oneline -1
  • Design: ✅ complete — 18 modules + M10 (DNS Infrastructure) + capstone
  • Stage A (lab foundation): ✅ complete (8 services)
  • Stage B (per-module labs): ✅ complete — all 20 module docs M0–M19 (DNS=M10, provisioning=M14; capstone=M20), each with a verify.sh
  • Assessments: ✅ all 3 checkpoint exams (keys held separately in assessments/answer-keys/)
  • Feedback-driven BF labs:all 14 done (BF1–BF14)
  • Consistency audit: ✅ complete (3 passes) · Requirements audit: ✅ complete (6 passes) — see course/requirements-traceability.md
  • CI: .github/workflows/ci.yml (shell/YAML lint, compose config, offline graders) · Testing: make verify-all + make smoke (end-to-end)
  • References: bibliography + glossary + verify-bibliography.sh
  • Backlog: ✅ all items complete (E0/E3 are ongoing [~]). Deferred: .claude/SSCA-PDF history purge (user)
  • Full detail: course/build_plan.md (iteration log).

License / use

Licensed CC BY-NC-SA 4.0 — free to learn from, run, teach, and adapt for non-commercial use with attribution and share-alike. Commercial/for-profit use needs a separate licence (royalty); see LICENSE. Contributions welcome under CONTRIBUTING.md (issue first, approval-gated) — contributors are credited in CONTRIBUTORS.md.

Training material for authorized security education. Offensive tooling targets only the local lab; testing systems without written authorization is illegal. See lab/services/redteam/AUTHORIZED_USE.md.

About

A comprehensive VoIP course with open source and security baked in.

Resources

License

Contributing

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors