Viproy – VoIP Penetration Testing Kit

VoIP security testing is important to verify the quality of your system before it is moved into production. One of the tool that you can consider for pentest VoIP is Viproy.  This tool have been presented on DefCON and include the following:

  1. Finding and Identifying SIP Services
  2. Identifying SIP Software and Vulnerabilities
  3. Identifying Valid Target Numbers, Users, Realm
  4. Unauthenticated Registration (Trunk, VAS, Gateway)
  5. Brute Forcing Valid Accounts and Passwords
  6. Invite Without Registration
  7. Invite Spoofing (After or Before Registration, Via Trunk)
  8. Testing DDoS attack to verify is the system resilient

You can use the tool with Kali with an installation script that you can find with the package or to copy “lib” and “modules” folders’ content to Metasploit root directory. to find more information about this tool follow this link

Notify of
Inline Feedbacks
View all comments