VoIP Hopper is a GPLv3 licensed security tool, written in C, that rapidly runs a VLAN Hop security test.  VoIP Hopper is a VoIP infrastructure security testing tool but also a tool that can be used to test the (in)security of VLANs.  Get more details on the what and why here.

August 15, 2011:  VoIP Hopper 2.0 is released!  This is the same VoIP Hopper version that was demonstrated live at DefCon 19 conference in the presentation, "VoIP Hopping the Hotel:  Attacking the Crown Jewels through VoIP".  Some exciting new features of VoIP Hopper include the following:

• New "Assessment" mode:  Interactive, menu driven command interface, improves ability to VLAN Hop in Pentesting when the security tester is working against an unknown network infrastructure
  

• New VLAN Discovery methods (802.1q ARP, LLDP-MED)

• LLDP-MED spoofing and sniffing support

• Can bypass VoIP VLAN subnets that have DHCP disabled, and spoof the IP address and MAC address of a phone by setting a static IP
  

For a complete feature list, see here.

Please don't flame me to tell me that the design or implementation of the C code is ugly (I already know the code isn't as pretty as Jessica Biel).  If you have constructive feedback about useful features, implementation suggestions, or any insight or feedback on how VoIP Hopper helped you, I would like to hear from you.

Jason Ostrom, jpo@pobox.com