Looking for a free security toolset to test your SIP infrastructure?
SIPVicious OSS has been around since 2007 and is actively updated to help security teams, QA and developers test SIP-based VoIP systems and applications.
Open-source security suite for auditing SIP based VoIP systems
Also known as friendly-scanner, it is freely available to help pentesters, security teams and developers quickly test their SIP systems.
Download the latest source code from git or the latest release, send pull requests and open issues.GitHub Repository »
Install the latest and greatest release usingDocumentation »
pip3 install sipviciousor follow the instructions for further options. Available on any platform that supports Python 3.
Made a change to your phone system or SIP router? Test it automatically using SIPVicious OSS to perform a smoke test for security robustness.SIPVicious OSS Automation »
The next generation is SIPVicious PRO, a complete new code base and overhaul of the concepts found in SIPVicious OSS. As a toolset it includes more and targets RTC.SIPVicious PRO »
What tools are included?
SIPVicious OSS is the open-source version of SIPVicious. It was first published back in 2007 and is freely available on GitHub.
Identify SIP devices and PBX servers on a target network
SIP PBX extension line scanner, guesses ranges of extensions
Crack passwords for specific usernames/extensions on a PBX
Generate reports based on your previous scans
Take SIPVicious for a spin
Learn more about SIPVicious OSS and SIPVicious PRO use cases and features.