ivstools

ivstools [options] [input_file(s)] [output_file]

Examples:
ivstools -m file1.ivs file2.ivs merged.ivs
ivstools -x cap input.ivs output.cap
ivstools -s capture.ivs cleaned.ivs

-r
    Read from standard input instead of a file.

-w <file>
    Write output to the specified file. If not specified, output goes to standard output.

-x <format>
    Export/convert IVs to a specific format. Common formats include 'cap' (pcap), 'pcap', 'txt'.

-m
    Merge multiple IV files into a single output file. Input files are specified after this option.

-f <filter>
    Apply a filter to the IVs. Filter examples include 'size=X', 'type=X', 'timestamp=X'.

-s
    Remove duplicate IVs by sorting and unique-ifying the dataset.

-c
    Display the total count of IVs in the input file(s) without processing them.

-v
    Display version information of ivstools.

-h
    Display the help message and exit.

ivstools is a utility from the aircrack-ng suite designed to manipulate Initialization Vector (IV) files, typically used in wireless network security auditing. It allows users to merge multiple .ivs files into a single one, convert .ivs files to other formats (like .cap or plain text), filter IVs based on various criteria (e.g., size, timestamp), and remove duplicate IVs. This tool is crucial for preparing IV data for subsequent cracking attempts with tools like aircrack-ng, ensuring efficient and focused analysis of captured wireless traffic by optimizing the IV dataset.

ivstools is specifically designed to work with .ivs files, which are a specialized format for raw Initialization Vectors used by the aircrack-ng suite. It may not correctly process general .cap or .pcap files without prior extraction of IVs. Input files must conform to the expected .ivs structure; corrupted or malformed files can lead to errors or incorrect output. While it can convert to .cap, it only generates a minimal pcap structure containing the IVs, not full packets.

Initialization Vectors (IVs) are critical components in legacy wireless security protocols like WEP, and also present in WPA handshakes. ivstools helps in processing these IVs extracted from captured wireless traffic, often from .cap files. These processed IVs are then used by tools like aircrack-ng to deduce cryptographic keys. The efficiency of cracking heavily relies on a large number of unique IVs, making ivstools an essential preprocessing tool for data preparation and optimization.

ivstools is an integral part of the aircrack-ng suite, a popular open-source project for wireless network auditing and cracking. It has been developed alongside aircrack-ng to provide specialized IV manipulation capabilities necessary for WEP/WPA cracking efforts, evolving as the suite has matured to support more efficient and targeted analysis of captured wireless traffic.

aircrack-ng(1), airdump-ng(1), wpaclean(1), airmon-ng(8)