Fatih Özavcı



International Events



Past Events
  • VoIP Wars: Return of the SIP 2.0 - Ruxcon 2013 (Australia) - 26 October 2013
  • VoIP Wars: Return of the SIP - Defcon 21 (USA) - 2 August 2013
  • Viproy VoIP Penetration Testing Kit - Blackhat Arsenal 2013 (USA) - 1 August 2013
  • Security Birds of a Feather Session - Cluecon 2013 (USA) - 7 August 2013
  • Hacking SIP Services Like a Boss! - Athcon 2013 (Greece)

  • Videos


    DEF CON 21 - Fatih Ozavci - VoIP Wars Return of the SIP



    Tools


    Viproy Voip Pen-Test Kit

    Project Page : http://www.viproy.com

    Viproy Voip Pen-Test Kit is developed to improve quality of SIP Penetration Tests. It provides authentication feature that helps to create simple tests. It includes 7 different modules with authentication support: options tester, brute forcer, enumerator, invite tester, trust analyzer, proxy and registration tester. All attacks could perform before and after authentication to fuzz SIP services and value added services.


    Mobile Application Fuzzer via SSL MITM (mbfuzzer)

    Project Page : http://yakindanegitim.org/mbfuzzer

    MBFuzzer will be developed for MITM (Man in the Middle) Fuzzing. Mobile applications use HTTP, SOAP, XML and JSON based data streams for communicate the servers. Many mobile applications use SSL Connect method for server communication. This method should be converted to HTTPS GET/POST method for MITM attacks. MBFuzzer will provide HTTP/HTTPS Proxy functionality and Real-Time Fuzzing feature with HTTP Connect conversion support.

    Books & Papers



    Hacking Trust Relationships Between SIP Gateways

    Pen-Tester's Guide to Metasploit Framework (Turkish)

    Presentations



    VoIP Wars:Return of the SIP


    Hacking SIP Like a Boss!


    Security Audit of SIP and NGN Systems

    Exploit Development Using Metasploit Framework

    MBFuzzer : MITM Fuzzing for Mobile Applications


    Pen-Tests Using Metasploit Framework


    VoIP Pen-Tests
    Using Free Softwares


    Information Security Essentials


    Attacking Techniques
    and Free Softwares


    Privacy and Free Softwares