Python JavaScript HTML CSS Lua Bro Other
Clone or download
p-l- Merge pull request #549 from p-l-/utils-ipv6
Utils: support IPv6 addresses in int2ip() and ip2int()
Latest commit 36df3b5 Jul 10, 2018
Permalink
Failed to load latest commit information.
.github Update CONTRIBUTING for flake8 tests Apr 5, 2018
.travis travis: add sqlite tests Jun 11, 2018
bash_completion [bash completion] Fix choices for short options Jun 26, 2017
bin Add flake8 tests on ivre script itself Apr 8, 2018
bro Bro: remove dhcp_names May 20, 2018
data Fix empty directories creation on pip install Apr 26, 2018
doc Implement GeoIP2 support Jun 6, 2018
docker Docker/web (nginx): use Bottle with UWSGI Mar 26, 2018
ivre Utils: support IPv6 addresses in int2ip() and ip2int() Jul 10, 2018
nmap_scripts Nmap scrips/http-screenshot: attempt to detect SSL without -sV Mar 4, 2018
pkg Doc: add future dependency May 3, 2018
tests Utils: support IPv6 addresses in int2ip() and ip2int() Jul 10, 2018
web Web/UI: add service & port display modes Jun 25, 2018
.codeclimate.yml CodeClimate: enable Python checks Nov 29, 2015
.codecov.yml Tests/Coverage: fix codecov ignore Feb 23, 2017
.gitattributes Clean support for versions Jan 25, 2017
.gitignore Clean support for versions Jan 25, 2017
.travis.yml Tests: x509 certificates from masscan Jun 18, 2018
LICENSE Add a license file and an issue template Jun 16, 2017
MANIFEST update MANIFEST Jun 11, 2018
README.md Add FAQ Jan 28, 2017
requirements-mongo-26.txt Tests: specify a maximum version for pymongo with Python 2.6 Jun 29, 2018
requirements-mongo.txt Web: use Bottle to implement "ivre httpd" CLI and the CGIs Mar 26, 2018
requirements-neo4j.txt Web: use Bottle to implement "ivre httpd" CLI and the CGIs Mar 26, 2018
requirements-postgres-26.txt Web: use Bottle to implement "ivre httpd" CLI and the CGIs Mar 26, 2018
requirements-postgres.txt Web: use Bottle to implement "ivre httpd" CLI and the CGIs Mar 26, 2018
requirements-sqlite-26.txt travis: add sqlite tests Jun 11, 2018
requirements-sqlite.txt travis: add sqlite tests Jun 11, 2018
requirements.txt Web: use Bottle to implement "ivre httpd" CLI and the CGIs Mar 26, 2018
setup.cfg Clean support for versions Jan 25, 2017
setup.py sql: split sql-agnostic, and postgresql methods. Jun 11, 2018

README.md

Build Status

What is it?

Logo IVRE (Instrument de veille sur les réseaux extérieurs) or DRUNK (Dynamic Recon of UNKnown networks) is a network recon framework, including tools for passive recon (flow analytics relying on Bro, Argus, Nfdump, fingerprint analytics based on Bro and p0f and active recon (IVRE uses Nmap to run scans, can use ZMap as a pre-scanner; IVRE can also import XML output from Nmap and Masscan).

The advertising slogans are:

  • (in French): IVRE, il scanne Internet.
  • (in English): Know the networks, get DRUNK!

The names IVRE and DRUNK have been chosen as a tribute to "Le Taullier".

Overview

You can have a look at the project homepage, the screenshot gallery, and the quick video introducion for an overview of the Web interface.

We have a demonstration instance, just contact us to get an access.

A few blog posts have been written to show some features of IVRE.

Documentation

See doc/README (and doc/* files) for more information.

On a server with the IVRE web server properly installed with a Dokuwiki notepad, the doc/* files are available under the doc: namespace (e.g., doc:readme for the doc/README file).

On a client with IVRE installed, you can use a --help option with most IVRE CLI tools, and use help(ivre.module) with most IVRE Python sub-modules.

License

IVRE is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

IVRE is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with IVRE. If not, see the gnu.org web site.

Support

Try --help for the CLI tools, help() under Python and the "HELP" button in the web interface.

Have a look at the FAQ!

Feel free to contact the author and offer him a beer if you need help!

If you don't like beer, a good scotch or any other good alcoholic beverage will do (it is the author's unalienable right to decide whether a beverage is good or not).

Contributing

Code contributions (pull-requests) are of course welcome!

The project needs scan results and capture files that can be provided as examples. If you can contribute some samples, or if you want to contribute some samples and would need some help to do so, or if you can provide a server to run scans, please contact the author.

Contact

For both support and contribution, the repository on Github should be used: feel free to create a new issue or a pull request!

You can also try to use the e-mail dev on the domain ivre.rocks, or to join the IRC chan #ivre on Freenode.

Talking about IVRE

Research

If you are using IVRE in you research, please cite it as follows:

Pierre Lalet, Florent Monjalet, and Camille Mougey. IVRE, a network recon framework. https://github.com/cea-sec/ivre, 2011-2017.

Here is the appropriate bibtex entry:

@MISC{ivre,
    title = {{IVRE}, a network recon framework},
    author={Lalet, Pierre and Monjalet, Florent and Mougey, Camille},
    url = {https://ivre.rocks/},
    howpublished = {\url{https://github.com/cea-sec/ivre/}},
    institution = {{CEA}: the French Alternative Energies and Atomic Energy Commission},
    year = {2011--2017},
}

Technical documents, blog posts, etc.

You can mention "IVRE, a network recon framework", together with the project homepage, https://ivre.rocks/ and/or the repository, https://github.com/cea-sec/ivre.

On twitter, you can follow and/or mention @IvreRocks.


This file is part of IVRE. Copyright 2011 - 2017 Pierre LALET.