Abstract

The rapid growth of technology such as computers or mobile phone applications that interacts with the internet poses a security risk. Vulnerability Assessment and Pen-Testing (VAPT) is an offensive method for safeguarding an organization with security assets. It is a big challenge for an organization to protect its data from growing vulnerabilities. In this research, various automated tools are used to identify the target system security breaches in the VoIP infrastructure posture as a part of vulnerability assessment. If the attacker identifies these security breaches, it can result in significant data loss. Pen-Testing is a method to determine whether the security measures are performing effectively. Voice Over Internet Protocol (VoIP) is one of the effective solutions employed by skilled criminals to conceal their identity from ordinary communication mechanisms. The method for VAPT of VoIP infrastructure is discussed and implemented in this research to combat similar types of attacks.

Keywords: Vulnerability Assessment and Penetration Testing (VAPT), VAPT tools, Security Assessment tools, Session Initiation Protocol (SIP), Real-Time Protocol (RTP)