Skip to main content

Looking for a free security toolset to test your SIP infrastructure?

SIPVicious OSS has been around since 2007 and is actively updated to help security teams, QA and developers test SIP-based VoIP systems and applications.

SIPVicious OSS mascot with white background

Open-source security suite for auditing SIP based VoIP systems

Also known as friendly-scanner, it is freely available to help pentesters, security teams and developers quickly test their SIP systems.

Open-Source
Software

Download the latest source code from git or the latest release, send pull requests and open issues.
GitHub Repository »

Super Quick
Start

Install the latest and greatest release using pip3 install sipvicious or follow the instructions for further options. Available on any platform that supports Python 3.
Documentation »

Automate
CI/CD tests

Made a change to your phone system or SIP router? Test it automatically using SIPVicious OSS to perform a smoke test for security robustness.
SIPVicious OSS Automation »

Beyond
SIPVicious OSS

The next generation is SIPVicious PRO, a complete new code base and overhaul of the concepts found in SIPVicious OSS. As a toolset it includes more and targets RTC.
SIPVicious PRO »

What tools are included?

SIPVicious OSS is the open-source version of SIPVicious. It was first published back in 2007 and is freely available on GitHub.

svmap

Identify SIP devices and PBX servers on a target network

svwar

SIP PBX extension line scanner, guesses ranges of extensions

svcrack

Crack passwords for specific usernames/extensions on a PBX

svreport

Generate reports based on your previous scans

Take SIPVicious for a spin

Learn more about SIPVicious OSS and SIPVicious PRO use cases and features.