VoIP researcher to release auditing tool at Mid East Hackers' Conference

Designed to aid penetration testers in auditing VoIP implementations, TacVTK is set to radically change the VoIP auditing game.

The Grugq is a domain expert consultant on VoIP security, digital forensic analysis and reverse engineering and has spent over 8 years working with all aspects of information security, from penetration testing to solutions and product development. Additionally, he has developed strategic whitepapers for enterprise VoIP deployments and based on his experiences with numerous audits, the Grugq has developed a VoIP security assessment tool suite to facilitate more accurate, effective and rapid VoIP centric penetration testing. Since 2001 the Grugq has been involved in active Voice over IP security research, recently completing successful audits for major European and Asian telcos.

"Increasing numbers of users are benefiting from cheaper phone calls afforded by voice over IP technology. Despite this global adoption and rollout, VoIP is still hampered by ineffective security, in part due to poor VoIP penetration testing. Severe limitations in the capabilities of existing VoIP assessment tools restrict the range of attacks security practitioners can perform.," said The Grugq.

"My talk will focus on technical VoIP security assessment techniques, using the TacVTK core tools to demonstrate basic and advanced attacks. The primary emphasis will be on SIP based VoIP security," he said.

HITBSecConf2007 - Dubai will run for a four-day period from the 2nd till the 5th of April 2007. The event kicks off with two-days of technical training sessions followed by a two-day dual-track security conference, which coincides with a technology showcase and the Capture The Flag competition.

The conference will see over 20 world renowned security researchers and features keynote speakers Mikko Hypponen, Chief Research Officer of F-Secure Corp and Lance Spitzner, Founder of the Honeynet Project. Hypponen will be speaking on "Online Crime and Crime Online" on Day 1 while Spitzner will give attendees an inside look at honeypots in a paper titled "Honeypots: Today and Tomorrow" on Day 2.