Skip to main content

SIPVicious PRO beta release contains SIP fuzzer and better automation

We just made SIPVicious PRO v6.0.0-beta.1 available to our beta testers. This latest release brings a new SIP fuzzer and enhancements for automation to your favourite RTC offensive security toolset. We have the following highlights with this release:

  • New fuzzing tools - sip fuzz method. This used to be in a separate internal tool called gasoline (see our toolset page); this now been polished and has joined the SVPRO toolset; this has been used to identify vulnerabilities in Kamailio (advisory), sngrep (advisory 1 and 2) and other SIP servers.
  • Tool results provided at the end of a test are now standardized with a JSON schema so that they can easily be parsed or used to produce reports by third-party tools. See the documentation about automation and results.
  • Exit codes updated for future compatibility when using it within automation systems. See the documentation about signal handling and exit codes.
  • Full IPv6 support across all tools.
  • Documentation site is now refreshed, and central to SIPVicious PRO at https://docs.sipvicious.pro.
  • And of course, various bug fixes. Full changelog can be seen here.

the new SVPRO documentation site

If you are interested in integrating SIPVicious PRO within your CI/CD pipelines or simply beta testing our toolset, visit this page to subscribe. Do note that the software is licensed to approved vendors and implementers of VoIP and WebRTC infrastructure.