Robustness of applications used for Voice over Internet Protocol based systems against attacks is a critical part to secure such systems. Automatic security testing is required to detect security vulnera- bilities in an efﬁcient way. This enables to harden the applications early during the development phase. In the paper we present a fuzzer framework to detect security vulnerabilities in Voice over IP (VoIP) Softphones which implement Session Initiation Protocol (SIP). The pre- sented approach automates the Graphical User Interface (GUI) interaction for softphones during fuzzing and also observes the behavior of the softphone GUIs to automatically detect application errors. Results of testing two open source softphones by using our fuzzer showed that various unknown vulnerabilities could be identiﬁed with the implemented fuzzer and some vulnerabilities were found that are only detectable by using GUI observation.