IVRE

IVRE (Instrument de veille sur les réseaux extérieurs) or DRUNK (Dynamic Recon of UNKnown networks) is a network recon framework, including tools for passive and active recon. IVRE can use data from:

• Passive tools:
  • Zeek
  • Argus
  • Nfdump
  • p0f
  • airodump-ng
• Active tools:
  • Nmap
  • Masscan
  • ZGrab2
  • ZDNS
  • Nuclei
  • httpx
  • dnsx
  • tlsx
  • Dismap

The advertising slogans are:

• (in French): IVRE, il scanne Internet.
• (in English): Know the networks, get DRUNK!
• (in Latin): Nunc est bibendum.

The names IVRE and DRUNK have been chosen as a tribute to "Le Taullier".

Overview

You can have a look at the project homepage, the screenshot gallery, and the quick video introduction for an overview of the Web interface.

We have a demonstration instance, just contact us to get an access.

A few blog posts have been written to show some features of IVRE.

Documentation

IVRE's documentation is hosted by Read The Docs, based on files from the doc/ directory of the repository.

On an IVRE web server, the doc/* files are available, rendered, under /doc/.

On a system with IVRE installed, you can use a --help option with most IVRE CLI tools, and help(ivre.module) with most IVRE Python sub-modules.

License

IVRE is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

IVRE is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with IVRE. If not, see the gnu.org web site.

Support

Try --help for the CLI tools, help() under Python and the "HELP" button in the web interface.

Have a look at the FAQ!

Feel free to contact the author and offer him a beer if you need help!

If you don't like beer, a good scotch or any other good alcoholic beverage will do (it is the author's unalienable right to decide whether a beverage is good or not).

Contributing

Code contributions (pull-requests) are of course welcome!

The project needs scan results and capture files that can be provided as examples. If you can contribute some samples, or if you want to contribute some samples and would need some help to do so, or if you can provide a server to run scans, please contact the author.

Contact

For both support and contribution, the repository on Github should be used: feel free to create a new issue or a pull request!

You can also join the Gitter conversation (that is the preferred way to get in touch for questions), or use the e-mail dev on the domain ivre.rocks.

Talking about IVRE

Research

If you are using IVRE in you research, please cite it as follows:

IVRE contributors. IVRE, a network recon framework. https://github.com/ivre/ivre, 2011-2022.

Here is the appropriate bibtex entry:

@MISC{ivre,
    title = {{IVRE}, a network recon framework},
    author={IVRE contributors},
    url = {https://ivre.rocks/},
    howpublished = {\url{https://github.com/ivre/ivre/}},
    year = {2011--2022},
}

Technical documents & blog posts

You can mention "IVRE, a network recon framework", together with the project homepage, https://ivre.rocks/ and/or the repository, https://github.com/ivre/ivre.

On twitter, you can follow and/or mention @IvreRocks.