Melih Tas

Independent researcher

About speaker

Melih Tas completed B.Sc., M.Sc. and Ph.D. education in Computer Science & Engineering. He has been working as Principal Penetration Tester in a private bank since 2015 in Istanbul, Turkey. He has worked as multiple times award-winning entrepreneur and security expert in a private cyber security R&D company between 2010 and 2015 where he worked on funded projects. Previous to them he also worked in a global troubleshooting center where he found the root causes of telecommunication security incidents and frauds, and design measures to prevent them from happening again. He wrote the National VoIP/UC Security Standard Draft by cooperating with Turkish Standards Institute. He is the author of open-source projects Mr.SIP: SIP-Based Audit and Attack Tool and SIP-DD: SIP-Based DDoS Defense Tools where he has presented in Black Hat Arsenal. He likes to do bug bounty hunting in his spare times. His research interests cover the design and analysis of both offensive and defensive security mechanisms in the fields of VoIP Security, Network Security, and Web/Mobile Application Security.

June 18
12:00 — 14:00
Mr.SIP is a simple console based SIP-based Audit and Attack Tool. Originally it was developed to be used in academic work to help developing novel SIP-based DDoS attacks and then the idea has been converted into a fully functional SIP-based penetration testing tool. In the current state, Mr.SIP comprises 7 sub-modules named as SIP-NES (network scanner), SIP-ENUM (enumerator), SIP-DAS (DoS attack simulator), SIP-ASP (attack scenario player), SIP-EVA (eavesdropper), SIP-SIM (signaling manipulator) and SIP-CRACK (cracker).