new tool collection for auditing SIP devices : SIPVicious .swmap, swar, swcrack

SIPcrack is a SIP login sniffer/cracker that contains 2 programs: sipdump to capture the digest authentication and sipcrack to bruteforce the hash using a wordlist or standard input.

. A smart traversal-state-machine inside the AnyFirewall engine handles the complexities of STUN (simple traversal of UDP through network address translators) and TURN protocols, NAT or firewall types, transport methods, ICE candidates, and delivery checks, the company explains.

One of the best War Dialers I came across .
Current Features:

Full and Normal logging: Full logging records all possible events during dialing (busy signals, no answers, carriers, etc). By default it only records things that we might find interesting (carriers, possible telco equipment). […]

Philipp Haupt and Matthias Hürlimann have developed an excellent open source VOIP security test tool called SIP Proxy. This tool can be used both as a proxy and as a VOIP fuzzing source.
Great tool ! SIP Proxy homepage on Sourceforge.
Share This
If you enjoyed this post, make sure you subscribe to my RSS feed!