Looking for a free security toolset to test your SIP infrastructure?
SIPVicious OSS has been around since 2007 and is actively updated to help security teams, QA and developers test SIP-based VoIP systems and applications.
Open-source security suite for auditing SIP based VoIP systems
Also known as friendly-scanner, it is freely available to help pentesters, security teams and developers quickly test their SIP systems.
Open-Source
Software
Download the latest source code from git or the latest release, send pull requests and open issues.
GitHub Repository »Super Quick
Start
Install the latest and greatest release using
Documentation »pip3 install sipvicious
or follow the instructions for further options. Available on any platform that supports Python 3.Automate
CI/CD tests
Made a change to your phone system or SIP router? Test it automatically using SIPVicious OSS to perform a smoke test for security robustness.
SIPVicious OSS Automation »VoIP Pentesting beyond SIPVicious
SIPVicious is a powerful toolset, but has limitations. To go further, we developed advanced tools exclusively for our penetration testers.
Penetration Testing »What tools are included?
SIPVicious OSS is the open-source version of SIPVicious. It was first published back in 2007 and is freely available on GitHub.
svmap
Identify SIP devices and PBX servers on a target network
svwar
SIP PBX extension line scanner, guesses ranges of extensions
svcrack
Crack passwords for specific usernames/extensions on a PBX
svreport
Generate reports based on your previous scans
Interested in doing more?
Learn about our Penetration Test and Security Consultancy offers.