SIPVicious suite is a set of tools that can be used to audit SIP based VoIP systems. Why the name? Because the tools are not exactly the nicest thing on earth next to a SIP device. And the play on the sound seems to work. As an extra bonus, it rhymes with the name of Sex Pistol’s bass player.
It’s been a while since we wrote about SIPVicious, way back when it first came out in 2008 – SIPVicious v0.2.3 – VoIP/SIP Auditing Toolkit. It’s come a fair way since v0.2.3 so I thought it’s about time for an update (although v0.2.6 has been out since 2010), you can view the full ChangeLog here.
It currently consists of five tools:
- svmap – this is a sip scanner. Lists SIP devices found on an IP range
- svwar – identifies active extensions on a PBX
- svcrack – an online password cracker for SIP PBX
- svreport – manages sessions and exports reports to various formats
- svcrash – attempts to stop unauthorized svwar and svcrack scans
Python – SIPVicious works on any system that supports python 2.4 or greater.
There’s a good blog post covering the new stuff here too, mainly svcrash:
You can download SIPVicious v0.2.6 here:
Or read more here.
- EyeWitness – A Rapid Web Application Triage Tool
- wig – WebApp Information Gatherer – Identify CMS
- Capstone – Multi-platform, Multi-architecture Disassembly Framework
- SIPVicious v0.2.3 – VoIP/SIP Auditing Toolkit
- SpikeSource Spike PHP Security Audit Tool
- VIPER Lab’s VAST Live Distro – VoIP Security Testing LiveCD
Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,845,272 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,030,609 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 613,456 views