Common VOIP Attack tools





The following are some of the tools used by cybercriminals to carry out multiple attacks against infrastructures where different VoIP services are being implemented, generating denials of service, telephone fraud or interception of calls. Here is a sample list (the compete list of hundreds of tools can be found in the RSN UCTM product line)





SIPVicious suite is a set of tools that can be used to audit SIP based VoIP systems. It currently consists of four tools:. svmap – this is a sip scanner. Lists SIP devices found on an IP range svwar – identifies active extensions on a PBX svcrack – an online password cracker for SIP PBX svreport – manages sessions and exports reports to various formats svcrash – attempts to stop unauthorized svwar and svcrack scans.



More information about the tool in the following link: SIPvicious




A utility to perform dictionary attacks against the VoIP SIP Register hash (MD5)




Will help you find these SIP devices with potentially vulnerable Web GUIs in your network. What the application does is search the range of IPs you specify, and checks if port 5060 is available. Whether open or close, port 5060 indicates the presence of a SIP device. Then it checks if port 80 (http) is open. The combination of an open port 80, together with port 5060, either open or closed, signals a SIP device with a Web GUI.



More information about the tool in the following link: sipflanker

Viproy Voip Pen-Test Kit



Provides penetration testing modules for VoIP networks. It’s developed for security testing of VoIP and Unified Communications services. Viproy has Skinny, SIP and MSRP libraries to develop custom security tests, as well as PoC security testing modules. The modules below can be used to test SIP design and authorisation flaws, Skinny service issues, cloud VoIP design issues and client software vulnerabilities.



More information about the tool in the following link: Viproy




SiVus is the first publicly available vulnerability scanner for VoIP networks that use the SIP protocol. It provides powerful features to assess the security and robustness of VoIP implementations.



More information about the tool in the following link: SiVus




Sipsak is a command line tool which can send simple requests to a SIP server. It can run additional tests on a SIP server which are usefull for admins and developers of SIP enviroments.


More information about the tool in the following link: Sipsak




The vsaudit is an opensource framework to perform attacks to general voip services.  It allows to scan the whole network or single host engaging in the information gathering  phase, besides it is able to search for most known vulnerabilities on the found alive hosts and then try to exploit them.


More information about the tool in the following link: vsaudit