DVRTC: Intentionally Vulnerable VoIP/WebRTC Lab for Security Training

DVRTC is an intentionally vulnerable lab designed to demonstrate VoIP and WebRTC attack techniques. It includes a full stack with Kamailio (SIP proxy), Asterisk (PBX), rtpengine (media), and coturn (TURN/STUN), each configured with specific vulnerabilities such as SIP enumeration, RTP bleed, TURN abuse, and weak credentials. The lab offers seven exercises with step-by-step instructions and provides a live instance at pbx1.dvrtc.net for testing. The author created it to address the lack of similar resources for VoIP/WebRTC security training.