Lead Image © Victoria, Fotolia.com

Lead Image © Victoria, Fotolia.com

Visualizing IT infrastructures with IVRE

Mapped

Article from ADMIN 87/2025
By
The IVRE tool integrates into existing IT infrastructures for reconnaissance on private networks to help analyze endpoints accessible over the Internet.

Shodan [1] is probably the best-known tool for assessing the threat situation for your organization's network. Of course, Shodan can only check your network from the outside. Various tools such as Nmap, Masscan, or ZGrab can gain similar insights into the network behind the demilitarized zone (DMZ). The open source IVRE [2] tool provides a framework containing all the components you need to obtain results in a format that is just as clear and familiar as those from Shodan.

Although IVRE lets you scan and map your IT infrastructure, it can also analyze the results collectively and display them for interaction. IVRE also imports the output of common scanning tools and merges it into its own database, which means you can integrate IVRE with your existing toolset. In this article, I discuss the feature set that IVRE provides and show you how to set up IVRE for testing and to import initial data into the framework.

Installing and Launching

IVRE has some dependencies and is not always as easy to install as the website claims. If you use Kali Linux in your environment, you can use apt to install on Kali without problems, in most cases. In my setup, I launched IVRE on Linux and used the Vagrant description provided by the developers on GitHub [3] by cloning the repository with the command:

git clone https://github.com/ivre/ivre

Next, create the directories for IVRE's work data and set the access rights accordingly:

mkdir -m 777 var_lib_mongodb ivre-share dokuwiki_data

The Vagrant description relies on a Docker back end and caused issues from time to time when I was downloading images while writing this article. If vagrant up does not work on the first

...
Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Lead Image © Natalia Lukiyanova, 123RF.com
    Open source intelligence tools for pen testing
    Automating the pen test discovery process in the era of IoT, the cloud, and social media.
    more »
  • Lead Image Photo by Simeon Jacobson on Unsplash
    Improved defense through pen testing
    Discover indicators of compromise with open source pen testing tools.
    more »
  • Understanding Autodiscovery

    A lack of information about your infrastructure can result in faulty system configuration and other difficulties. Automatic discovery of all hosts and services would seem to be the best solution – but can it also prove itself in practice?

    more »
  • Lead Image © Raman Maisei, 123RF.com
    Develop your own scripts for Nmap
    Nmap does a great job with standard penetration testing tasks, but for specific security analyses, you will want to develop your own test scripts. The Nmap Scripting Engine makes this possible.
    more »
  • Intruder Tools

    Professional attackers have much more pointed at your site than just Nmap, and you should too if you want to test your network’s security. We’ll show you some tools intruders use to gather information.

    more »
comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs

Most Popular

Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”> </a> <hr> </div> </div> <div class=