UCSniff was created as a Proof of Concept demonstration tool and a method of creating awareness around VoIP/UC threats. It can be used by VoIP/UC Administrators to test their own VoIP Infrastructure in a pilot before vulnerabilities are rolled into production. It can also be used by security professionals as a method of convincing IT decision makers that security best practices should be applied to VoIP/UC in the same way that they are applied to other TCP/IP based, client-server applications.

Some useful features of UCSniff that have been combined together into a single package:

Feature List
 UC Sniffer with VoIP and IP Video Support
 Automated Voice VLAN Discovery (CDP)
 VLAN Hop Support
 Sniffing across Ethernet Switches
 Automatic creation of forward and reverse RTP media streams into a single file
 Automatic creation of two avi files (forward and reverse video) for H.264 Video codec
 Automatic recording and saving of conversations using G.711 u-law codec
 Automatic recording and saving of conversations using G.722 codec
 MitM ARP Poisoning and host management support
 Monitor Mode (Span Session, Hub)
 Tracking and tracing of users, with logging
 Support for Cisco SIP, Cisco Skinny, RFC 3261 SIP
 Target Mode (Target User, Target Conversation)
 Corporate Directory Tool and functions (ACE)
 ARP Saver Tool to restore network in emergencies
 Detects if Gratuitous ARP is disabled on IP Phone
 Only requires 1 phone (not both) in source VLAN in order to capture entire conversation

Thanks to Maximilano Soler for the notification