Skip to content
SIPVicious suite is a set of security tools that can be used to audit SIP based VoIP systems.
Branch: master
Clone or download

Welcome to SIPVicious security tools

The 5 tools that you should be looking at are:

  • svmap
  • svwar
  • svcrack
  • svreport
  • svcrash


The tools


this is a sip scanner. When launched against
ranges of ip address space, it will identify any SIP servers 
which it finds on the way. Also has the option to scan hosts 
on ranges of ports.


identifies working extension lines on a PBX. A working 
extension is one that can be registered. 
Also tells you if the extension line requires authentication or not. 


a password cracker making use of digest authentication. 
It is able to crack passwords on both registrar servers and proxy 
servers. Current cracking modes are either numeric ranges or
words from dictionary files.


able to manage sessions created by the rest of the tools
and export to pdf, xml, csv and plain text.


responds to svwar and svcrack SIP messages with a message that
causes old versions to crash. 

For usage help make use of -h or --help switch.

Also check out the wiki

And if you're stuck you're welcome to contact the author.

Sandro Gauci

You can’t perform that action at this time.