To read the full release notes, click here.
This release brings the following highlights:
- The SIP password cracker now takes input from STDIN so that tools such as hashcat’s maskprocessor can be used to generate passwords or combinations of credentials; see the documentation for examples
- A number of common mistakes are detected so that the tool can issue a warning and helpful suggestions
- Polishing of the SIP fuzzer, now randomizes SIP methods by default unless one specifies which SIP message to fuzz
- A number of bug fixes, of course!
SVPRO v6.0.0-beta.1 brings a new SIP fuzzer and enhancements for automation
We have the following highlights with this release:
- New fuzzing tools -
sip fuzz method. This used to be in a separate internal tool called gasoline (see our toolset page); this now been polished and has joined the SVPRO toolset; this has been used to identify vulnerabilities in Kamailio (advisory), sngrep (advisory 1 and 2) and other SIP servers
- Tool results provided at the end of a test are now standardized with a JSON schema so that they can easily be parsed or used to produce reports by third-party tools
- Exit codes updated for future compatibility when using it within automation systems
- Full IPv6 support across all tools
- Documentation site is now refreshed, and central to SIPVicious PRO at https://docs.sipvicious.pro
- And of course, various bug fixes