VoIPER, a VoIP fuzzing framework, has been released. This tool includes a suite built on the Sulley fuzzing framework and a SIP torturer. The fuzzer currently incorporates tests for SIP INVITE, SIP ACK, SIP CANCEL, SIP request structure, and SPD over SIP. VoIPER, and tools like it, are likely to increase the likely hood that additional SIP vulnerabilities will be found. Proper architecture and configuration surrounding a SIP implementation is likely to reduce the potential for compromise in almost all scenarios.
VoIPER – A VoIP Fuzzing Tool
Reply