Pentesting your Microsoft Office Communication Server? Need a tool? Viper Labs updated their OAT (OCS Assessment Tool) to v2.0 this month. OAT automates testing OCS with: online dictionary attack, domain user enumeration, presence stealing, contact list stealing, domain IM flood, communicator call DoS, and domain call walk. Like SimWitty, OAT is written in C# and available under the BSD license.
“VIPER Lab created OAT because OCS and other Microsoft products are frequently being used as part of a unified communications infrastructure in many enterprises. Our mission is to help IT manager and security practitioners evaluate the security architecture of their deployments and ensure that their mission-critical communications and systems are protected.”
Posted by