Wednesday, June 11, 2008

SIPVicious tools roadmap

I'm looking at improving SIPVicious and would appreciate your input for new features or any possible bug fixes. Send me an email with ideas, or simply leave a comment.

Check my current "to do" list here.

2 comments:

Anonymous said...

Any chance can you get Sipvicious to test VoIP systems for vulnerabilities such as Nessus or ISS?

sandro said...

So I suppose you want a vulnerability assessment tool for VoIP?

That tends to require teams of people keeping a database of checks updated and so on. I can imagine something like that being commercial but it is hard to pull it off as opensource unless you have a really strong (business) model.

Are you (and a couple more people) willing to help out? If so please get in contact with me (sandro@enablesecurity.com).

Currently I'm more interested in penetration / insecurity tools that exploit generic behavior of SIP and that does not require constant research and updating of signatures.