all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Stunner - Tool To Test And Exploit STUN, TURN And TURN Over TCP Servers

Add to bookmarks
May 28, 2022, 12:30 p.m. | noreply@blogger.com (Unknown)

KitPloit - PenTest Tools! www.kitploit.com


Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers. TURN is a protocol mostly used in videoconferencing and audio chats (WebRTC).

If you find a misconfigured server you can use this tool to open a local socks proxy that relays all traffic via the TURN protocol into the internal network behind the server.

I developed this tool during a test of Cisco Expressway which resulted in some vulnerabilities: https://firefart.at/post/multiple_vulnerabilities_cisco_expressway/

To get the required username …

exploit misconfiguration servers stunner tcp test tool turn webrtc websocket wireshark

Visit resource

More from www.kitploit.com / KitPloit - PenTest Tools!

VectorKernel - PoCs For Kernelmode Rootkit Techniques Research 1 day, 15 hours ago | www.kitploit.com
64bit api education kernel +17
Cookie-Monster - BOF To Steal Browser Cookies & Credentials 2 days, 15 hours ago | www.kitploit.com
cookie-monster passwords processes python +2
NoArgs - Tool Designed To Dynamically Spoof And Conceal Process Arguments While Staying Undetected 3 days, 15 hours ago | www.kitploit.com
mechanism microsoft mimikatz noargs +3
Frameless-Bitb - A New Approach To Browser In The Browser (BITB) Without The Use Of … 4 days, 15 hours ago | www.kitploit.com
frameless-bitb scanners scripts subdomains +2
Toolkit - The Essential Toolkit For Reversing, Malware Analysis, And Cracking 5 days, 6 hours ago | www.kitploit.com
analysis beginners cracking infosec +11
Porch-Pirate - The Most Comprehensive Postman Recon / OSINT Client And Framework That Facilitates The … 1 week ago | www.kitploit.com
api api endpoints automated client +20
APKDeepLens - Android Security Insights In Full Spectrum 1 week, 1 day ago | www.kitploit.com
android security apkdeeplens mobile security vulnerabilities +1
RemoteTLSCallbackInjection - Utilizing TLS Callbacks To Execute A Payload Without Spawning Any Threads In A … 1 week, 2 days ago | www.kitploit.com
academy anti-debugging api home +8
Sicat - The Useful Exploit Finder 1 week, 3 days ago | www.kitploit.com
exploit finder metasploit modules reconnaissance sicat

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Intermediate Security Engineer, (Incident Response, Trust & Safety)

@ GitLab | Remote, US
View on infosec-jobs.com

Journeyman Cybersecurity Triage Analyst

@ Peraton | Linthicum, MD, United States
View on infosec-jobs.com

Project Manager II - Compliance

@ Critical Path Institute | Tucson, AZ, USA
View on infosec-jobs.com

Junior System Engineer (m/w/d) Cyber Security 1

@ Deutsche Telekom | Leipzig, Deutschland
View on infosec-jobs.com
View more jobs