LIVE CAPTCHA
Waiting for challenges...
LIVE BLOCKED
Monitoring...
Whsipder
anti-robocall engine
Get Access
Built by telecom security engineers

Kill the threat
before the call connects.

A lightweight media proxy that drops in front of your existing infrastructure. No dial plans, no PBX complexity, no rip-and-replace. Whsipder sits inline on the SIP path, scores every call across 16 detection layers in under 50ms, and continues with GPU-accelerated audio analysis post-answer — including live transcription and brand impersonation detection.

16
Scoring layers
<50ms
Pre-call decision
60+
Keyword patterns
49
Brand spoof patterns
Drop-in media proxy. Zero config.
Point your SIP trunk at Whsipder. It inspects, scores, and forwards — your existing softswitch, dial plans, and routing logic stay exactly as they are. One box. One change. Done. Built by security engineers, for security engineers.
Pre-Call Detection

16 layers. <50ms. Before media flows.

Every inbound call is scored across 16 independent detection layers before it connects. Each layer produces a weighted suspicion score. The combined result: ALLOW, CAPTCHA, or BLOCK.

Identity & Attestation
Caller ID verification against 49 known brand spoofing patterns. Deep STIR/SHAKEN attestation parsing — A (full: originator verified number), B (partial: tenant verified, not number), C (gateway: no verification, just transit). Certificate chain validation, origination mismatch detection, and missing Identity header flagging. P-Asserted-Identity cross-referencing and neighbor spoofing detection.
Caller ID verificationSHAKEN A/B/C attestationCertificate validationNeighbor spoofingDisplay name analysis
Behavioral Analysis
Real-time velocity tracking, sequential dialing detection, and temporal pattern analysis. Catches robocall behavior that metadata-only systems miss entirely.
Call velocity trackingSequential dialingTemporal patternsDuration profiling
Infrastructure Fingerprinting
Deterministic hash from 6 SIP/SDP characteristics — User-Agent, session name, codec set, transport, Via hops, and STIR/SHAKEN presence. Same dialer platform = same fingerprint, regardless of caller ID or IP rotation. Reputation learning degrades known-bad fingerprints over time.
Platform hash fingerprintReputation learningUser-Agent analysisSDP analysisMedia IP reputationProxy chain detection
Active Traps
Honeypot numbers that trigger instant source-level blocks. Zero tolerance — any call to a trap number identifies the source as a robocaller.
Honeypot networkThreat intel feeds
Post-Answer Audio Analysis

GPU-accelerated. Real-time. Every call.

Once connected, Whsipder captures the audio stream for real-time AI analysis — live transcription, keyword matching, and brand impersonation detection.

Live Transcription
GPU-accelerated speech-to-text on every connected call. Multi-language support with automatic detection. Voice Activity Detection for efficient processing.
Keyword & Script Detection
60+ weighted keywords across 8 scam categories — warranty scams, urgency tactics, IVR prompts, government impersonation, tech support, and more.
Brand Impersonation
Real-time transcript matching against known impersonated brands. Dynamic blocklist managed via API. Catches "This is Google Support" before the victim engages.
Voice CAPTCHA

Prove you're human. Before the call connects.

Borderline calls get an audio CAPTCHA challenge. Three difficulty levels with dynamic generation. Automated systems fail — humans pass naturally.

Decision Flow
Inbound SIP INVITE
  |
  v
[16-Layer Scoring] ──> Score: 0-100
  |
  ├─ Low risk   ──> ALLOW   ──> Connect
  ├─ Borderline ──> CAPTCHA ──> Pass? Connect : Drop
  └─ High risk  ──> BLOCK   ──> Reject (603)
  |
  v (if connected)
[Audio Analysis]
  ├─ Live transcription
  ├─ Keyword / brand detection
  └─ Mid-call BLOCK if threat confirmed
Live Dashboard

Full visibility. Instant control.

Real-time monitoring with live scoring feeds, active transcription, one-click call termination, and per-trunk configuration — all from a single pane.

SSE
Live streaming feed
16
Per-layer score breakdown
1-click
Call termination
CSV
Full CDR export
Per-Trunk Configuration
Independent BLOCK and CAPTCHA thresholds per trunk. Whitelist trusted sources. Override layer weights. All changes take effect instantly — no restarts.
Detection Engine Tuning
Enable/disable any of the 16 layers independently. Adjust per-layer weights via UI sliders. Score normalization adapts automatically.
Roadmap

What's next.

Active development on voice fingerprinting, reputation databanks, and expanded threat intelligence.

Voice Fingerprinting
planned
Speaker embedding model that builds voice fingerprints of known robocall voices. Same voice, different numbers = same robocaller.
Reputation Databank
planned
Persistent per-number and per-IP reputation profiles. Relationship graphs linking numbers, IPs, voices, and campaigns to identify robocall networks.
GeoIP Anomaly Detection
planned
Datacenter vs. residential IP classification. Geographic anomaly detection — signaling from US, media from overseas.
External Threat Intelligence
planned
FCC Consumer Complaint Database, Industry Traceback Consortium, and YouMail Robocall Index. Pluggable architecture for custom threat feeds.
Ready to kill robocalls at the source?

See Whsipder in action — live scoring, real-time transcription, and threat blocking on actual call traffic.

Request a Demo