Looking for a free security toolset to test your SIP infrastructure?
SIPVicious OSS has been around since 2007 and is actively updated to help security teams, QA and developers test SIP-based VoIP systems and applications.
Open-source security suite for auditing SIP based VoIP systems
Also known as friendly-scanner, it is freely available to help pentesters, security teams and developers quickly test their SIP systems.
Open-Source
Software
Download the latest source code from git or the latest release, send pull requests and open issues.
GitHub Repository »
Super Quick
Start
Install the latest and greatest release using
Documentation »
pip3 install sipvicious or follow the instructions for further options. Available on any platform that supports Python 3.Automate
CI/CD tests
Made a change to your phone system or SIP router? Test it automatically using SIPVicious OSS to perform a smoke test for security robustness.
SIPVicious OSS Automation »
VoIP Pentesting beyond SIPVicious
SIPVicious is a powerful toolset, but has limitations. To go further, we developed advanced tools exclusively for our penetration testers.
Penetration Testing »
What tools are included?
SIPVicious OSS is the open-source version of SIPVicious. It was first published back in 2007 and is freely available on GitHub.
svmap
Identify SIP devices and PBX servers on a target network
svwar
SIP PBX extension line scanner, guesses ranges of extensions
svcrack
Crack passwords for specific usernames/extensions on a PBX
svreport
Generate reports based on your previous scans
Interested in doing more?
Learn about our Penetration Test and Security Consultancy offers.