or cancel
  1. Flash Operator Portal Enumeration

    01:21

    from Sandro Gauci / Added

    561 Plays / / 0 Comments

    The flash operator portal (FOP) is part of FreePBX and derivative PBX servers (Trixbox etc). By default allows enumeration of extensions on the PBX.

    + More details
    • Cisco Unified Communications Manager (CUCM) jailbreak

      04:19

      from Sandro Gauci / Added

      4,010 Plays / / 0 Comments

      The CUCM provides a restricted IOS-like shell that does not allow root or system access. This module breaks out of this restrictive shell, giving you root access through MOSDEF.

      + More details
      • Cisco phone scanner

        00:39

        from Sandro Gauci / Added

        976 Plays / / 0 Comments

        This module scans for Cisco phones on the target network by making use of two methods - HTTP scanning and reverse DNS lookup.

        + More details
        • Introducing svcrash

          01:32

          from Sandro Gauci / Added

          3,631 Plays / / 0 Comments

          A quick introduction to svcrash - a new addition to SIPVicious v0.2.6. This new tool allows system administrators etc to stop unauthorized attacks launched using svwar.py and svcrack.py (also part…

          + More details
          • Demo of a cross site scripting in dotDefender's admin interface

            03:38

            from Sandro Gauci / Added

            2,024 Plays / / 0 Comments

            This is part of an advisory published at: http://resources.enablesecurity.com/advisories/ES-20100601-dotdefender4.txt This video demo shows how an attacker may be able to force the administrator…

            + More details
            • VOIPPACK: SIP Open Relay

              02:07

              from Sandro Gauci / Added

              930 Plays / / 0 Comments

              Some PBX servers and gateways are configured insecurely and allow anonymous callers to make calls. This module will try to make a phone call using various prefixes. sipopenrelay is part of EnableSecurity…

              + More details
              • VOIPPACK: How to bypass alwaysauthreject

                01:35

                from Sandro Gauci / Added

                896 Plays / / 0 Comments

                The latest Asterisk PBX servers have an option "alwaysauthreject" which disables enumeration of extensions/users on the PBX. This new tool, included with VOIPPACK, bypasses this option.…

                + More details
                • VOIPPACK: Updates in SIP Digest Leak tool

                  01:15

                  from Sandro Gauci / Added

                  546 Plays / / 0 Comments

                  SIP Digest Leak is part of EnableSecurity VoIPPack which is an addon for Immunity CANVAS. The SIP Digest Leak tool now supports 2 new options: Zerolen SDP, which makes exploitation faster and support…

                  + More details
                  • DotAttacker

                    01:07

                    from Sandro Gauci / Added

                    210 Plays / / 1 Comment

                    A simple script that exploits DotDefender, called dotattacker. It sends an HTTP request to a website protected by DotDefender, with a "host" header that contains html tags. The log viewer…

                    + More details
                    • Automated Asterisk penetration testing using IAX2Autohack

                      03:48

                      from Sandro Gauci / Added

                      1,078 Plays / / 0 Comments

                      IAX2Autohack is part of EnableSecurity VoIPPack which is an addon for Immunity CANVAS. IAX2 is the protocol used by Asterisk PBX to communicate with other Asterisk boxes or with IP Phones. This demonstration…

                      + More details
                      • voipscanner beta demo

                        00:57

                        from Sandro Gauci / Added

                        1,865 Plays / / 0 Comments

                        Apply for a beta code now!

                        + More details
                        • beta.voipscanner.com demo

                          00:57

                          from Sandro Gauci / Added

                          689 Plays / / 0 Comments

                          A demo showing how easy it is to make use of the upcoming voipscanner webapp

                          + More details

                          Browse Videos

                          Sandro Gauci

                          Here are all of the videos that Sandro Gauci has uploaded to Vimeo. Appearances are videos that Sandro Gauci has been credited in by others.

                          Also Check Out