UCSniff is a VoIP & IP Video Security Assessment tool that integrates existing open source software into several useful features, allowing VoIP and IP Video owners and security professionals to rapidly test for the threat of unauthorized VoIP and Video Eavesdropping. Written in C/C++, and available on Linux and Windows, the software is free and available for anyone to download, under the GPLv3 license. Some useful features of UCSniff that have been combined together into a single package:

• Allows targeting of VoIP Users based on Corporate Directory and/or extensions
• Support for automatically recording private IP video conversations
• Automatically re-creates and saves entire voice conversation to a single file that can be played back by media players
• Support for G.729, G.723, G.726, G.722, G.711 u-law, and G.711 a-law compression codecs
• Support for H.264 Video codec
• Automated VLAN Hop and VLAN Discovery support
• A UC Sniffer (VoIP and Video) combined with a MitM re-direction tool
• Monitor Mode
• Sniffs entire conversation if only one phone is in source VLAN
• Gratuitous ARP Disablment Bypass support
• TFTP MitM Modification of IP Phone features
• Realtime VoIP and Video Monitor

UCSniff was created as a Proof of Concept demonstration tool and a method of creating awareness around VoIP/UC threats. It can be used by VoIP/UC Administrators to test their own VoIP or Video Infrastructure in a pilot before vulnerabilities are rolled into production. It can also be used by security professionals as a method of convincing IT decision makers that security best practices should be applied to VoIP/UC in the same way that they are applied to other TCP/IP based, client-server applications.

In the future, it will be an after-thought to include automated VoIP VLAN Discovery and VLAN Hopping support in all VoIP Security assessment tools. Future versions of tools similar to VoIP Hopper will have the capability to automatically check for multiple vendor Voice VLAN ID discovery mechanisms, as a VVID "Discovery" scanning feature, Hop into the Voice VLAN, and wait for the user's direction on which attack to run. Practical, automated VoIP attacks can be selected from a menu. UCSniff combines several important capabilities that make this concept less thoeretical and more practical.