We just made SIPVicious PRO v6.0.0-beta.1 available to our beta testers. This latest release brings a new SIP fuzzer and enhancements for automation to your favourite RTC offensive security toolset. We have the following highlights with this release:
- New fuzzing tools -
sip fuzz method. This used to be in a separate internal tool called gasoline (see our toolset page); this now been polished and has joined the SVPRO toolset; this has been used to identify vulnerabilities in Kamailio (advisory), sngrep (advisory 1 and 2) and other SIP servers.
- Tool results provided at the end of a test are now standardized with a JSON schema so that they can easily be parsed or used to produce reports by third-party tools. See the documentation about automation and results.
- Exit codes updated for future compatibility when using it within automation systems. See the documentation about signal handling and exit codes.
- Full IPv6 support across all tools.
- Documentation site is now refreshed, and central to SIPVicious PRO at https://docs.sipvicious.pro.
- And of course, various bug fixes. Full changelog can be seen here.
If you are interested in integrating SIPVicious PRO within your CI/CD pipelines or simply beta testing our toolset, visit this page to subscribe. Do note that the software is licensed to approved vendors and implementers of VoIP and WebRTC infrastructure.