/sipvicious

SIPVicious suite is a set of tools that can be used to audit SIP based VoIP systems.

Primary LanguagePython

Welcome to SIPVicious security tools

The 5 tools that you should be looking at are:

  • svmap
  • svwar
  • svcrack
  • svreport
  • svcrash

logo

The tools

svmap

this is a sip scanner. When launched against
ranges of ip address space, it will identify any SIP servers 
which it finds on the way. Also has the option to scan hosts 
on ranges of ports.

svwar

identifies working extension lines on a PBX. A working 
extension is one that can be registered. 
Also tells you if the extension line requires authentication or not. 

svcrack

a password cracker making use of digest authentication. 
It is able to crack passwords on both registrar servers and proxy 
servers. Current cracking modes are either numeric ranges or
words from dictionary files.

svreport

able to manage sessions created by the rest of the tools
and export to pdf, xml, csv and plain text.

svcrash

responds to svwar and svcrack SIP messages with a message that
causes old versions to crash. 

For usage help make use of -h or --help switch.

Also check out the wiki

And if you're stuck you're welcome to contact the author.

Sandro Gauci