Tool and Usage
|Author|Camille Mougey, Florent Monjalet, Pierre Lalet|
|Latest release|0.9.14|
How it works
IVRE uses data from other sources like Argus, Bro, Masscan, Nmap, zmap, and others. It pulls in the data and stores it in a MongoDB instance for further analysis. Network flows (flowdata) can be used as well, in which case it uses a Neo4j database. The data can be extracted and displayed via the command line, the web interface, or the Python API.
IVRE stands for Instrument de veille sur les réseaux extérieurs. The word "ivre" is French for drunk, and the English name is DRUNK, Dynamic Recon of Unknown NetworKs. The IVRE framework allows both active and passive data gathering.
Usage and audience
IVRE is commonly used for digital forensics, information gathering, intrusion detection, or network analysis. Target users for this tool are pentesters, security professionals, and system administrators.
- Application programming interface (API) available
- Command line interface
- Graphical user interface
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + More than 10 contributors
- + More than 1000 GitHub stars
- + The source code of this software is available
Supported operating systems
IVRE is known to work on Linux.
Several dependencies are required to use IVRE.
Similar tools to IVRE:
The 0trace.py utility is a rewrite of 0trace (by another author) to perform reconnaissance and bypass network firewalls.
Zeek is a network security monitoring (NSM) tool and helps with monitoring. It can also play an active role in performing forensics and incident response.
Chiron is a security assessment framework for IPv6 testing. It can be used during penetration testing or analysis of network devices.