ENNAENNA

IVRE

GPL-3.0

🌐 Network Recon · Python

IVRE (Instrument de Veille sur les Réseaux Extérieurs) is a self-hosted network reconnaissance framework that functions as a private Shodan/Censys alternative. It integrates three data collection approaches: active scanning (wrapping Nmap, Masscan, and ZGrab2), passive network traffic analysis (using Zeek/Bro, p0f, and Argus), and flow analysis. All data is stored in MongoDB and searchable through a web interface, Python API, or CLI. IVRE enables organizations to build and maintain their own internet-wide scan datasets, correlate active and passive intelligence, and track infrastructure changes over time.

4.0kstars
686forks
53issues
Updated today
+I use this
View on GitHubOfficial Website

Installation

$ pip install ivre

Use Cases

  • Building a private internet-wide scan database
  • Correlating active scanning with passive traffic analysis
  • Asset discovery and change tracking over time
  • Replacing external services like Shodan with self-hosted infrastructure

Tags

network-reconshodan-alternativepassive-analysisself-hostedasset-discoverybroeasmexternal-attack-surface-managementhacktoberfestmasscannetworknetwork-discoverynetwork-reconnaissancenetwork-securitynmapnmap-parsernmap-results-analysenmap-scriptsosintprojectdiscoveryscan-portsscanssecurityzeek

Details

Category
🌐 Network Recon
Language
Python
Repository
ivre/ivre
License
GPL-3.0
Platforms
🐧linux🍎macos

Links

GitHub Repository

github.com/ivre/ivre

Official Website

ivre.rocks

Releases

github.com/ivre/ivre/releases

Issues

github.com/ivre/ivre/issues

Sponsored

Your ad here

Reach security professionals and developers - ads@en-na.com

Community Reviews

Alternatives & Comparisons

Nmap

C/C++

The gold standard network scanner. Host discovery, port scanning, service/version detection, OS fingerprinting.

Compare IVRE vs Nmap

Masscan

C

Internet-scale port scanner. Transmits 10 million packets per second. Asynchronous, stateless scanning.

Compare IVRE vs Masscan

Shodan CLI

Python

Command-line interface for Shodan, the search engine for internet-connected devices.

Compare IVRE vs Shodan CLI

Censys CLI

Python

Search engine for internet-connected devices. Alternative to Shodan with certificate and host search.

Compare IVRE vs Censys CLI

More in Network Recon

Nmap

C/C++

The gold standard network scanner. Host discovery, port scanning, service/version detection, OS fingerprinting.

port-scanservice-detectionos-fingerprint

Masscan

C

Internet-scale port scanner. Transmits 10 million packets per second. Asynchronous, stateless scanning.

port-scanhigh-speedinternet-scale

RustScan

Rust

Blazing fast port scanner that pipes into Nmap. Scans all 65k ports in 3 seconds flat.

port-scanfastnmap-integration

Shodan CLI

Python

Command-line interface for Shodan, the search engine for internet-connected devices.

iotsearch-engineinternet-scan

Wireshark

C/C++

The world's foremost network protocol analyzer. Deep packet inspection for hundreds of protocols.

packet-captureprotocol-analysisgui

Responder

Python

LLMNR/NBT-NS/mDNS poisoner and rogue authentication server. Captures NTLMv1/v2 hashes on the network.

ntlmpoisoncredential-capture