Skip to content
@EnableSecurity

Enable Security

Offensive security tools and quality penetration testing to help protect your real-time communications systems against attack.
README.md

Enable Security

We specialize in security for real-time communications: VoIP and WebRTC systems.

What we do

  • Penetration testing for VoIP and WebRTC systems - toll fraud, oS, oT, oR exploitation
  • DDoS resilience testing for RTC infrastructure
  • Fuzzing and code review for SIP, RTP, and WebRTC implementations
  • Security consultancy for VoIP, WebRTC vendors and providers

Open source tools

  • SIPVicious - VoIP/SIP security testing toolset
  • WAFW00F - Web Application Firewall fingerprinting tool
  • Awesome RTC Hacking - curated security resources for VoIP, WebRTC, and VoLTE

Research

We publish security advisories in https://www.enablesecurity.com/advisories/ and pentest reports in enablesecurity/reports.

The RTCSec Newsletter covers real-time communications security news monthly.

Get in touch

Pinned Loading

  1. DVRTC DVRTC Public

    DVRTC (Damn Vulnerable Real-Time Communications) is an intentionally vulnerable VoIP/WebRTC platform for security training and research, with isolated lab scenarios covering SIP enumeration, digest…

    JavaScript 14 2

  2. sipvicious sipvicious Public

    SIPVicious OSS is a VoIP security testing toolset. It helps security teams, QA and developers test SIP-based VoIP systems and applications. This toolset is useful in simulating VoIP hacking attacks…

    Python 1.1k 179

  3. awesome-rtc-hacking awesome-rtc-hacking Public

    a list of awesome resources related to security and hacking of VoIP, WebRTC and VoLTE

    527 50

  4. wafw00f wafw00f Public

    WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

    Python 6.3k 1k

  5. reports reports Public

    Reports issued by Enable Security

    11

  6. Vulnerability-Disclosure-Policy Vulnerability-Disclosure-Policy Public

    How Enable Security handles security vulnerabilities

    10 2

Repositories

Showing 10 of 19 repositories
  • DVRTC Public

    DVRTC (Damn Vulnerable Real-Time Communications) is an intentionally vulnerable VoIP/WebRTC platform for security training and research, with isolated lab scenarios covering SIP enumeration, digest leaks, RTP bleed, SQL injection, XSS, and TURN relay abuse.

    EnableSecurity/DVRTC’s past year of commit activity
    JavaScript 14 2 0 0 Updated Mar 27, 2026
  • wafw00f Public

    WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

    EnableSecurity/wafw00f’s past year of commit activity
    Python 6,264 BSD-3-Clause 1,037 0 0 Updated Mar 26, 2026
  • .github Public
    EnableSecurity/.github’s past year of commit activity
    0 0 0 0 Updated Mar 19, 2026
  • sipvicious Public

    SIPVicious OSS is a VoIP security testing toolset. It helps security teams, QA and developers test SIP-based VoIP systems and applications. This toolset is useful in simulating VoIP hacking attacks against PBX systems especially through identification, scanning, extension enumeration and password cracking.

    EnableSecurity/sipvicious’s past year of commit activity
    Python 1,063 179 0 0 Updated Mar 6, 2026
  • ASVS Public Forked from OWASP/ASVS

    Application Security Verification Standard

    EnableSecurity/ASVS’s past year of commit activity
    HTML 1 CC-BY-SA-4.0 827 0 0 Updated Feb 25, 2026
  • coturn-secure-config Public

    Secure configuration templates for coturn TURN server with Docker test environment

    EnableSecurity/coturn-secure-config’s past year of commit activity
    Python 2 0 0 0 Updated Feb 25, 2026
  • advisories Public

    Security advisories published by Enable Security

    EnableSecurity/advisories’s past year of commit activity
    Python 45 16 0 0 Updated Feb 3, 2026
  • kamailio Public Forked from kamailio/kamailio

    Kamailio - The Open Source SIP Server for large VoIP and real-time communication platforms -

    EnableSecurity/kamailio’s past year of commit activity
    C 1 1,112 0 0 Updated Nov 5, 2025
  • awesome-rtc-hacking Public

    a list of awesome resources related to security and hacking of VoIP, WebRTC and VoLTE

    EnableSecurity/awesome-rtc-hacking’s past year of commit activity
    527 CC0-1.0 50 0 0 Updated Jul 25, 2025
  • Vulnerability-Disclosure-Policy Public

    How Enable Security handles security vulnerabilities

    EnableSecurity/Vulnerability-Disclosure-Policy’s past year of commit activity
    10 2 0 0 Updated Apr 22, 2025
View all repositories

Top languages

Loading…