Last updated:

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

Submit Your Site To ItalianWebSearch

DevWebProIT
FlashNewz
DevWebPro





Potentially Malicious VoIP Tools For Developer Awareness

By Dan Morrill
Expert Author
Article Date: 2008-12-04

Infosec Events has released downloadable copies of tools from ToorCon X, go get them and have a good time on your network or on your PC.

Some new tools to go play around with this morning - you will want to go here to get the actual links to download the tools, and they are a lot of fun to play around with. As usual, make sure if you are using these at work that you have permission to do this. If you are thinking of going on to the internet live with these, think that this might not be best idea ever.

What should be of interest are the VoIP Tools, with many folks using VoIP, and VoIP tools were still fairly primitive when I used them last, these tools could make it very easy to do some insider data gathering off the VoIP system. You should be playing with these to see if there is a way to mitigate the risks of just anyone on the network downloading these and playing around with them. Many of these tools could really help out a malicious insider, so you should be aware of them and how they work.

Here is the list copied from Infosec Events. Again, some of these have some very interesting uses, mostly aimed at insider attacks.

Targeted VoIP Eavesdropping: An Attack From Within
* VoIP Hopper

* X Test

* UC Sniffer

* ACE - Automated Corporate Enumerator

One XSS To Rule The Enterprise

* Squirtle

Active Fingerprinting of 802.11 APs

* BAFFLE

RFD (Remote File Downloading) using Blind Techniques

* Marathon Tool

* BSQL Hacker

Hacking SharePoint

* MossRegExSearch

Breaking UNIX crypt() on the PlayStation 3

* cell-bf

Owning telephone entry systems (aka why you shouldn't sleep so well)

* opwn_sesame

Dropped off the Ultimate Deobfuscator because it is not a tool, but a paper, and they also have the presentations available as well. Thanks to Infosec Events for posting these tools and the presentations.

Comments
About the Author:
Dan Morrill runs Techwag, a site all about his views on social media, education, technology, and some of the more interesting things that happen on the internet. He works at CityU of Seattle as the Program Director for the Computer Science, Information Systems and Information Security educational programs.


Newsletter Archive | Article Archive | Submit Article | Advertising Information | About Us | Contact

DevWebProItaly is an iEntry.com publication
 © iEntry Inc. All Rights Reserved Privacy Policy Legal

Click Here to Return to the Home Page