VoIP Checklist for Penetration Testers

VoIP Checklist for Penetration Testers

18
SEP
Every VoIP assessment should follow a list of specific checks in order to give the client the necessary security assurance about his VoIP infrastructure. A checklist also disallows the pentester of forgetting to execute specific tests and therefore it prevents incomplete assessments.

After years of conducting this type of test I have compiled a list of attacks in a specific order of execution that I perform in every engagement.

VoIP-001 – VLAN hopping from data network to voice network
VoIP-002 – Extension Enumeration & Number Harvesting
VoIP-003 – Capturing SIP Authentication
VoIP-004 – Eavesdropping Calls
VoIP-005 – CallerID spoofing
VoIP-006 – RTP injection
VoIP-007 – Signaling Manipulation
VoIP-008 – Identification of insecure services
VoIP-009 – Testing for Default Credentials
VoIP-010 – Application level vulnerabilities
VoIP-011 – Voice Mail Attacks
VoIP-012 – Phone Firmware Analysis

Penetration Testing Lab

Every VoIP assessment should follow a list of specific checks in order to give the client the necessary security assurance about his VoIP infrastructure. A checklist also disallows the pentester of forgetting to execute specific tests and therefore it prevents incomplete assessments.

After years of conducting this type of test I have compiled a list of attacks in a specific order of execution that I perform in every engagement.

  • VoIP-001 – VLAN hopping from data network to voice network
  • VoIP-002 – Extension Enumeration & Number Harvesting
  • VoIP-003 – Capturing SIP Authentication
  • VoIP-004 – Eavesdropping Calls
  • VoIP-005 – CallerID spoofing
  • VoIP-006 – RTP injection
  • VoIP-007 – Signaling Manipulation
  • VoIP-008 – Identification of insecure services
  • VoIP-009 – Testing for Default Credentials
  • VoIP-010 – Application level vulnerabilities
  • VoIP-011 – Voice Mail Attacks
  • VoIP-012 – Phone Firmware Analysis

You can find the list also on my GitHub account.

If you execute on your VoIP assessments more attacks please reply with…

View original post 9 more words

One thought on “VoIP Checklist for Penetration Testers

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s