SIPVicious Pro

Test Real Time Communications
against known attacks.

SIPVicious PRO

At Enable Security we regularly test VoIP and RTC systems for security issues. Each time, we improve on our public and increasingly, internal tools. What we noticed was that many real-time communications systems exhibit similar vulnerabilities. We have often been asked to provide our internal tools so that they can be integrated with quality assurance procedures.

With SIPVicious Pro, we are making available a professional-grade security testing suite built from our experience and suited to be integrated in your testing methodology. Our aim is to help vendors and implementers of VoIP and WebRTC infrastructures to build products that withstand attack.

Feature comparison

SIPVICIOUS

SIPVICIOUS PRO

SIP Enumeration
SIP REGISTER Flood
SIP online password cracking
SIP UDP support
SIP TCP support
SIP TLS support
SIP over Websockets support (common in WebRTC)
SIP INVITE Flood
SIP Digest Leak
SIP INVITE enumeration
RTP Bleed and Injection attack
XSS using SIP as injection vector
XML External Entity (XXE) vulnerability testing for SIP
SIP SQL and LDAP injection tests
Offline password cracking of SIP credentials
Slowloris denial of service testing adapted to SIP
SIP enumeration of anonymous methods

Private beta

Time-limited private access to approved vendors and implementors of VoIP and WebRTC infrastructure.

Apply here

Contact Us

Feel free to email us to discuss our security tools, attacks and vulnerabilties, or to just say hello!

sandro@sipvicious.pro