Skip to main content

Looking for a free security toolset to test your SIP infrastructure?

SIPVicious OSS has been around since 2007 and is actively updated to help security teams, QA and developers test SIP-based VoIP systems and applications.

SIPVicious OSS mascot with white background

Open-source security suite for auditing SIP based VoIP systems

Also known as friendly-scanner, it is freely available to help pentesters, security teams and developers quickly test their SIP systems.


Download the latest source code from git or the latest release, send pull requests and open issues.
GitHub Repository »

Super Quick

Install the latest and greatest release using pip3 install sipvicious or follow the instructions for further options. Available on any platform that supports Python 3.
Documentation »

CI/CD tests

Made a change to your phone system or SIP router? Test it automatically using SIPVicious OSS to perform a smoke test for security robustness.
SIPVicious OSS Automation »

SIPVicious OSS

The next generation is SIPVicious PRO, a complete new code base and overhaul of the concepts found in SIPVicious OSS. As a toolset it includes more and targets RTC.
SIPVicious PRO »

What tools are included?

SIPVicious OSS is the open-source version of SIPVicious. It was first published back in 2007 and is freely available on GitHub.


Identify SIP devices and PBX servers on a target network


SIP PBX extension line scanner, guesses ranges of extensions


Crack passwords for specific usernames/extensions on a PBX


Generate reports based on your previous scans

Take SIPVicious for a spin

Learn more about SIPVicious OSS and SIPVicious PRO use cases and features.