[VOIPSEC] VoIP Security Assessment Tools
Shawn Merdinger
shawnmer at gmail.com
Tue Mar 7 09:27:05 EST 2006
Hi Raul,
>Date: Mon, 6 Mar 2006 12:35:47 -0800
>From: "Raul Carr" <raul_carr at symantec.com>
>Does anyone have a recommend list of publicly available VoIP Security
assessment tools?
Here's a list I've had going on....
Thanks!
--scm
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
SIP packet Creation & Malformed & Fuzzing & Flooding & Spoofing
=================================================
+ SiVus - http://www.vopsecurity.org/html/tools.html
+ SIPsak - http://sipsak.org
+ PROTOS SIP Suite -
http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/
+ SIP Forum Test Framework (SFTF) - http://www.sipfoundry.org/sftf/index.html
+ SIP bomber - http://www.metalinkltd.com/downloads.php
+ SIPp - http://sipp.sourceforge.net
+(? link) Nastysip -
http://phoenix.labri.fr/documentation/sip/Documentation/Material/Clients/Tools/Test/NastySIP/SX%20Design.htm
Manual (pretty GUI) SIP Packet Generators
================================
+ SIPNess - http://www.ortena.com/files/Messenger.zip
+ NetDude - http://netdude.sourceforge.net
Python and SIP
===========
+ Scapy - http://www.secdev.org/projects/scapy/
Sniffing
=====
+ Ethereal - http://www.ethereal.com
+ Cain & Abel - http://www.oxid.it/cain.html
+ VOMIT - http://vomit.xtdnet.nl
+ Oreka - http://oreka.sourceforge.net
+ VoiPong - http://www.enderunix.org/voipong/index.php
Various Scripts & Tools
=================
+ Send-SIP-Fun - http://www.security-scans.de/index.php?where=ssf
+ Skora.net - http://skora.net/voip/voip.html
kphone-ddos - Using KPhone for flooding attacks with spoofed SIP-packets
sip-scan - A fast SIP network scanner
sip-kill - Sniff for SIP-INVITEs and tear down the call. (03.11.2005
- new version 0.3a)
sip-redirectrtp - Manipulate SDP headers so that RTP packets are
redirected to an RTP-proxy. (16.09.2005 - new version 0.1)
rtpproxy - Wait for incoming RTP packets and send them to wanted
(signaled by a tiny protocol) destination. (16.09.2005 - new version
0.1)
SIP Listener
=========
+Sipomatic - (Part of LinPhone) http://www.linphone.org/?lang=us&rubrique=1
SIP over IPv6
=============
+SIPv6 Analyzer - http://pcs.csie.nctu.edu.tw/~yhsung/sipv6_analyzer/
SIP Device Specific Attacks
====================
+ See packetstorm
More information about the Voipsec
mailing list