ike-scan is a command-line tool for discovering, fingerprinting and testing IPsec VPN systems. It constructs and sends IKE Phase-1 packets to the specified hosts, and displays any responses that are received.
ike-scan allows you to:
- Send IKE packets to any number of destination hosts, using a configurable output bandwidth or packet rate. (This is useful for VPN detection, when you may need to scan large address spaces.)
- Construct the outgoing IKE packet in a flexible way. (This includes IKE packets which do not comply with the RFC requirements.)
- Decode and display any returned packets.
- Crack aggressive mode pre-shared keys. (You can use ike-scan to obtain the PSK hash data, and then use psk-crack to obtain the key.)
You can read more in depth about ike-scan and how to use it – in the User Guide.
ike-scan is free software, licensed under the GPL. It runs on Windows, Linux and most Unix systems. If you don’t already have ike-scan installed on your system, read the installation guide.
You can download ike-scan 1.9 here:
Or read more here.