Looking for a free security toolset to test your SIP infrastructure?
SIPVicious OSS has been around since 2007 and is actively updated to help security teams, QA and developers test SIP-based VoIP systems and applications.
Open-source security suite for auditing SIP based VoIP systems
Also known as friendly-scanner, it is freely available to help pentesters, security teams and developers quickly test their SIP systems.
Open-Source
Software
Download the latest source code from git or the latest release, send pull requests and open issues.
GitHub Repository »Super Quick
Start
Install the latest and greatest release using
Documentation »pip3 install sipvicious or follow the instructions for further options. Available on any platform that supports Python 3.Automate
CI/CD tests
Made a change to your phone system or SIP router? Test it automatically using SIPVicious OSS to perform a smoke test for security robustness.
SIPVicious OSS Automation »Beyond
SIPVicious OSS
The next generation is SIPVicious PRO, a complete new code base and overhaul of the concepts found in SIPVicious OSS. As a toolset it includes more and targets RTC.
SIPVicious PRO »What tools are included?
SIPVicious OSS is the open-source version of SIPVicious. It was first published back in 2007 and is freely available on GitHub.
svmap
Identify SIP devices and PBX servers on a target network
svwar
SIP PBX extension line scanner, guesses ranges of extensions
svcrack
Crack passwords for specific usernames/extensions on a PBX
svreport
Generate reports based on your previous scans
Take SIPVicious for a spin
Learn more about SIPVicious OSS and SIPVicious PRO use cases and features.