SIPVicious suite is a set of tools that can be used to audit SIP based VoIP systems.
Switch branches/tags
Nothing to show
Clone or download
Latest commit 5d8dab2 Apr 16, 2018
Type Name Latest commit message Commit time
Failed to load latest commit information.
man1 preparing for v0.2.8 and adhering to some debian packaging rules Nov 18, 2012
resources updated changelog, added sv.xsl to resources and fixed some markdown … Dec 8, 2012
sipvicious.egg-info again Aug 4, 2017
sipvicious missing quotes Apr 16, 2018
.gitignore there Aug 4, 2017
Changelog finalizing changelog Dec 10, 2012 Update Mar 10, 2017
THANKS formatting changes Dec 8, 2012
TODO fixed url Feb 21, 2018 should be called sipvicious Aug 4, 2017

Welcome to SIPVicious security tools

The 5 tools that you should be looking at are:

  • svmap
  • svwar
  • svcrack
  • svreport
  • svcrash


The tools


this is a sip scanner. When launched against
ranges of ip address space, it will identify any SIP servers 
which it finds on the way. Also has the option to scan hosts 
on ranges of ports.


identifies working extension lines on a PBX. A working 
extension is one that can be registered. 
Also tells you if the extension line requires authentication or not. 


a password cracker making use of digest authentication. 
It is able to crack passwords on both registrar servers and proxy 
servers. Current cracking modes are either numeric ranges or
words from dictionary files.


able to manage sessions created by the rest of the tools
and export to pdf, xml, csv and plain text.


responds to svwar and svcrack SIP messages with a message that
causes old versions to crash. 

For usage help make use of -h or --help switch.

Also check out the wiki

And if you're stuck you're welcome to contact the author.

Sandro Gauci