Latest updates

To read the full release notes, click here.

SVPRO v6.0.0-beta.2 takes input from other tools for password cracking and user friendly warnings :)

This release brings the following highlights:

  • The SIP password cracker now takes input from STDIN so that tools such as hashcat’s maskprocessor can be used to generate passwords or combinations of credentials; see the documentation for examples
  • A number of common mistakes are detected so that the tool can issue a warning and helpful suggestions
  • Polishing of the SIP fuzzer, now randomizes SIP methods by default unless one specifies which SIP message to fuzz
  • A number of bug fixes, of course!

SVPRO v6.0.0-beta.1 brings a new SIP fuzzer and enhancements for automation

We have the following highlights with this release:

  • New fuzzing tools - sip fuzz method. This used to be in a separate internal tool called gasoline (see our toolset page); this now been polished and has joined the SVPRO toolset; this has been used to identify vulnerabilities in Kamailio (advisory), sngrep (advisory 1 and 2) and other SIP servers
  • Tool results provided at the end of a test are now standardized with a JSON schema so that they can easily be parsed or used to produce reports by third-party tools
  • Exit codes updated for future compatibility when using it within automation systems
  • Full IPv6 support across all tools
  • Documentation site is now refreshed, and central to SIPVicious PRO at https://docs.sipvicious.pro
  • And of course, various bug fixes