Need help with sipvicious?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

518 Stars 126 Forks Other 388 Commits 1 Opened issues


SIPVicious OSS is a set of security tools that can be used to audit SIP based VoIP systems.

Services available


Need anything else?

Contributors list

Welcome to SIPVicious OSS security tools

SIPVicious mascot

SIPVicious OSS is a set of security tools that can be used to audit SIP based VoIP systems.

The tools

The SIPVicious OSS toolset consists of the following tools: - svmap - svwar - svcrack - svreport - svcrash


this is a sip scanner. When launched against
ranges of ip address space, it will identify any SIP servers 
which it finds on the way. Also has the option to scan hosts 
on ranges of ports.

Usage: https:


identifies working extension lines on a PBX. A working 
extension is one that can be registered. 
Also tells you if the extension line requires authentication or not. 

Usage: https:


a password cracker making use of digest authentication. 
It is able to crack passwords on both registrar servers and proxy 
servers. Current cracking modes are either numeric ranges or
words from dictionary files.

Usage: https:


able to manage sessions created by the rest of the tools
and export to pdf, xml, csv and plain text.

Usage: https:


responds to svwar and svcrack SIP messages with a message that
causes old versions to crash. 

Usage: https:

For usage help make use of


For getting started:


Please refer to the installation documentation.

A note to vendors and service providers

If you are looking for a professional grade toolset to test your RTC systems, please consider SIPVicious PRO which is available as a closed beta version.

Further information

Check out the wiki for documentation.

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.