• Stars
    star
    678
  • Rank 66,609 (Top 2 %)
  • Language
    Ruby
  • License
    GNU General Publi...
  • Created almost 15 years ago
  • Updated 3 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Ronin is a Free and Open Source Ruby Toolkit for Security Research and Development. Ronin also allows for the rapid development and distribution of code, exploits, payloads, etc, via 3rd-party git repositories.

ronin

CI Code Climate Gem Version

Description

Ronin is a free and Open Source Ruby toolkit for security research and development. Ronin contains many different CLI commands and Ruby libraries for a variety of security tasks, such as encoding/decoding data, filter IPs/hosts/URLs, querying ASNs, querying DNS, HTTP, scanning for web vulnerabilities, spidering websites, install 3rd party repositories of exploits and/or payloads, run exploits, write new exploits, managing local databases, fuzzing data, and much more.

Who is Ronin for?

  • CTF players
  • Bug bounty hunters
  • Security Researchers
  • Security Engineers
  • Developers
  • Students

What does Ronin provide?

  • A toolkit of useful commands.
  • A fully-loaded Ruby REPL.
  • An ecosystem of high-quality security related Ruby libraries, APIs, and commands.

What can you do with Ronin?

  • Quickly process and query various data using the ronin commands.
  • Efficiently work with code and data in the ronin irb Ruby REPL.
  • Rapidly prototype Ruby scripts using ronin-support and other ronin libraries.
  • Install 3rd-party git repositories of exploits, payloads, or other code, using ronin-repos.
  • Import and query data using the ronin-db database.
  • Fuzz data using ronin-fuzzer.
  • Use common payloads or write your own using ronin-payloads.
  • Write/run exploits using ronin-exploits.
  • Scan for web vulnerabilities using ronin-vulns.

Synopsis

Usage: ronin [options] [COMMAND [ARGS...]]

Options:
    -h, --help                       Print help information

Arguments:
    [COMMAND]                        The command name to run
    [ARGS ...]                       Additional arguments for the command

Commands:
    asn
    banner-grab
    bitflip
    cert-dump
    cert-gen
    cert-grab
    decode, dec
    decrypt
    dns
    email-addr
    encode, enc
    encrypt
    entropy
    escape
    extract
    grep
    help
    hexdump
    highlight
    hmac
    homoglyph
    host
    http
    ip
    iprange
    irb
    md5
    netcat, nc
    new
    proxy
    public-suffix-list
    quote
    rot
    sha1
    sha256
    sha512
    strings
    tld-list
    tips
    typo
    typosquat
    unescape
    unhexdump
    unquote
    url
    xor

Additional Ronin Commands:
    $ ronin-repos
    $ ronin-db
    $ ronin-web
    $ ronin-fuzzer
    $ ronin-payloads
    $ ronin-exploits
    $ ronin-vulns

List ronin commands:

$ ronin help

View a man-page for a command:

$ ronin help COMMAND

Get a random tip on how to use ronin:

$ ronin tips

Open the Ronin Ruby REPL:

$ ronin irb

Generate a new Ruby script with ronin-support preloaded:

$ ronin new script foo.rb

Generate a new Ruby project with a Gemfile:

$ ronin new project foo

Binary

Hexdumps data in a variety of formats:

$ ronin hexdump /bin/ls

Un-hexdumps a hexdump file back into it's original raw binary data:

$ ronin unhexdump -o data.bin hexdump.txt

Print all printable strings from a file:

$ ronin strings /bin/ls

Print all alphabetic strings from a file:

$ ronin strings --alpha /bin/ls

Print all alpha-numeric strings from a file:

$ ronin strings --alpha-num /bin/ls

Print all numeric strings from a file:

$ ronin strings --numeric /bin/ls

Print all hexadecimal strings from a file:

$ ronin strings --hex /bin/ls

Enumerate through all of the Bit-flips of a domain name:

$ ronin bitflip microsoft --alpha-num --append .com
licrosoft.com
oicrosoft.com
iicrosoft.com
eicrosoft.com
Microsoft.com
mhcrosoft.com
mkcrosoft.com
mmcrosoft.com
macrosoft.com
mycrosoft.com
...

Encoding

Base64 encode a string:

$ ronin encode --base64 --string "foo bar baz"
Zm9vIGJhciBiYXo=

Zlib compresses, Base64 encodes, and then URI encode a string:

$ ronin encode --zlib --base64 --uri --string "foo bar"
%65%4A%78%4C%79%38%39%58%53%45%6F%73%41%67%41%4B%63%41%4B%61%0A

Base64 decode a string:

$ ronin decode --base64 --string "Zm9vIGJhciBiYXo="
foo bar baz

URI decode, Base64 decode, and then zlib inflates a string:

$ ronin decode --uri --base64 --zlib --string "%65%4A%78%4C%79%38%39%58%53%45%6F%73%41%67%41%4B%63%41%4B%61%0A"
foo bar

URI escape a string:

$ ronin escape --uri --string "foo bar"
foo%20bar

URI unescape a string:

$ ronin unescape --uri --string "foo%20bar"
foo bar

Convert a file into a quoted C string:

$ ronin quote --c file.bin
"..."

Convert a file into a quoted JavaScript string:

$ ronin quote --js file.bin

Unquote a C string:

$ ronin unquote --c --string '"\x66\x6f\x6f\x20\x62\x61\x72"'
foo bar

Text

Extract high-entropy data from a file:

$ ronin entropy -e 5.0 index.html

Grep for common patterns of data:

$ ronin grep --hash index.html

Extract common patterns from data:

$ ronin extract --hash index.html

Generate a random typo of a word:

$ ronin typo microsoft
microssoft

Enumerate over every typo variation of a word:

$ ronin typo --enum microsoft
microosoft
microsooft
microssoft

Generate a random homoglyph version of a word:

$ ronin homoglyph CEO
Cï¼¥O

Enumerate over every homoglyph variation of a word:

$ ronin homoglyph --enum CEO
ϹEO
СEO
â…­EO
ï¼£EO
CΕO
CЕO
Cï¼¥O
CEΟ
CEО
CEO

Syntax-highlights a file:

$ ronin highlight index.html

Cryptography

AES-256 encrypt a file:

$ ronin encrypt --cipher aes-256-cbc --password "..." file.txt > encrypted.bin

Decrypt data:

$ ronin decrypt --cipher aes-256-cbc --password "..." encrypted.bin

Generates a HMAC for a file:

$ ronin hmac --hash sha1 --password "too many secrets" data.txt

Generates a HMAC for a string:

$ ronin hmac --hash sha1 --password "too many secrets" --string "..."

Calculate an MD5 checksum of a string:

$ ronin md5 --string "hello world"
5eb63bbbe01eeed093cb22bb8f5acdc3

Calculate the MD5 checksum of a file:

$ ronin md5 file.txt

Calculate the MD5 checksum of every line in a file:

$ ronin md5 --multiline file.txt

Calculate an SHA1 checksum of a string:

$ ronin sha1 --string "hello world"
2aae6c35c94fcfb415dbe95f408b9ce91ee846ed

Calculate the SHA1 checksum of a file:

$ ronin sha1 file.txt

Calculate the SHA1 checksum of every line in a file:

$ ronin sha1 --multiline file.txt

Calculate an SHA256 checksum of a string:

$ ronin sha256 --string "hello world"
b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9

Calculate the SHA256 checksum of a file:

$ ronin sha256 file.txt

Calculate the SHA256 checksum of every line in a file:

$ ronin sha256 --multiline file.txt

Calculate an SHA512 checksum of a string:

$ ronin sha512 --string "hello world"
309ecc489c12d6eb4cc40f50c902f2b4d0ed77ee511a7c7a9bcd3ca86d4cd86f989dd35bc5ff499670da34255b45b0cfd830e81f605dcf7dc5542e93ae9cd76f

Calculate the SHA512 checksum of a file:

$ ronin sha512 file.txt

Calculate the SHA512 checksum of every line in a file:

$ ronin sha512 --multiline file.txt

ROT-13 encodes a string:

$ ronin rot --string "The quick brown fox jumps over the lazy dog"
Gur dhvpx oebja sbk whzcf bire gur ynml qbt

XOR encodes a string:

$ ronin xor --key ABC --string "The quick brown fox jumps over the lazy dog"
"\x15*&a36(!(a 1.5-a$,9b)4/32b,7'1a6+$b/ 8:a&,&"

Networking

Query the ASN of an IP address:

$ ronin asn -I 4.2.2.1
4.0.0.0/9 AS3356 (US) LEVEL3

Get the system's external/public IP address:

$ ronin ip --public

Convert an IP address to decimal format:

$ ronin ip --decimal 127.0.0.1
2130706433

Convert a file of IP addresses into URLs:

$ ronin ip --file targets.txt --http

Enumerate over every IP address in the IP CIDR range:

$ ronin iprange 10.1.0.0/15
10.0.0.1
10.0.0.2
10.0.0.3
10.0.0.4
10.0.0.5
10.0.0.6
10.0.0.7
10.0.0.8
10.0.0.9
...

Enumerate over every IP address in the IP glob range:

$ ronin iprange 10.1-3.0.*
10.1.0.1
10.1.0.2
10.1.0.3
10.1.0.4
10.1.0.5
10.1.0.6
10.1.0.7
10.1.0.8
10.1.0.9
10.1.0.10
...

Enumerate over every IP address between two IP addresses:

$ ronin iprange --start 10.0.0.1 --stop 10.0.3.33
10.0.0.1
10.0.0.2
10.0.0.3
10.0.0.4
10.0.0.5
10.0.0.6
10.0.0.7
10.0.0.8
10.0.0.9
10.0.0.10

Connect to a remote TCP service:

$ ronin netcat -v example.com 80

Listen on a local TCP port:

$ ronin netcat -v -l 1337

Connect to a remote SSL/TLS service:

$ ronin netcat -v --ssl example.com 443

Connect to a remote UDP service:

$ ronin netcat -v -u example.com 1337

Listen on a local UDP port:

$ ronin netcat -v -u -l 1337

Opens a UNIX socket:

$ ronin netcat -v --unix /path/to/unix.socket

Hexdump all data received from a socket:

$ ronin netcat --hexdump example.com 80
GET / HTTP/1.1
Host: example.com
User-Agent: Ruby

00000000  48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d  |HTTP/1.1 200 OK.|
00000010  0a 41 67 65 3a 20 32 35 30 38 30 36 0d 0a 43 61  |.Age: 250806..Ca|
00000020  63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6d 61 78  |che-Control: max|
00000030  2d 61 67 65 3d 36 30 34 38 30 30 0d 0a 43 6f 6e  |-age=604800..Con|
00000040  74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f  |tent-Type: text/|
00000050  68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54  |html; charset=UT|
...

DNS

Query DNS records:

$ ronin dns -t TXT github.com

Find all registered TLDs for a host name:

$ ronin host --enum-tlds --registered github.com
github.ac
github.actor
github.ae
github.africa
github.agency
github.ai
...

Find all registered public suffixes for a host name:

$ ronin host --enum-suffix --registered github.com
example.com.ag
example.ai
example.al
example.am
example.com.ar
example.at
example.co.at
example.or.at
example.com.au
example.be
example.com.bh
...

Find all subdomains that have addresses:

$ ronin host --enum-subdomains subdomains.txt --has-addresses google.com
www.google.com
mail.google.com
smtp.google.com
ns1.google.com
ns2.google.com
m.google.com
ns.google.com
blog.google.com
admin.google.com
news.google.com
vpn.google.com
ns3.google.com
...

Enumerate over every possible typosquat variation of a domain:

$ ronin typosquat microsoft.com
microosoft.com
microsooft.com
microssoft.com

Find all of the registered typosquat domains for a valid domain:

$ ronin typosquat --registered microsoft.com

Find all of the typosquat domains with addresses for a valid domain:

$ ronin typosquat --has-addresses microsoft.com

Find all of the unregistered typosquat domains for a valid domain:

$ ronin typosquat --unregistered microsoft.com

De-obfuscate an email address:

$ ronin email-addr --deobfuscate "john [dot] smith [at] example [dot] com"
[email protected]

Enumerate through all of the obfuscations of an email address:

$ ronin email-addr --enum-obfuscations [email protected]
john.smith @ example.com
john.smith AT example.com
john.smith at example.com
john.smith[AT]example.com
john.smith[at]example.com
...

SSL/TLS Certs

Dump information about a SSL/TLS certificate:

$ ronin cert-dump https://example.com/

Download a SSL/TLS certificate from a host and port:

$ ronin cert-grab github.com:443

Generate a new SSL/TLS certificate:

$ ronin cert-gen -c test.com -O "Test Co" -U "Test Dept" \
                 -L "Test City" -S NY -C US

HTTP

Perform an HTTP GET request (with syntax highlighting):

$ ronin http https://example.com/

Send an HTTP request with additional headers:

$ ronin http --post --header "Authorization: ..." https://foo.bar/

Send an HTTP request with a known User-Agent string:

$ ronin http --post --user-agent chrome-android https://foo.bar/

Send an HTTP request with a custom User-Agent string:

$ ronin http --post --user-agent-string "..." https://foo.bar/

Open an interactive HTTP shell:

$ ronin http --shell https://example.com/
https://example.com/> help
  help [COMMAND]                      	Prints the list of commands or additional help
  get PATH[?QUERY] [BODY]             	Performs a GET request
  head PATH[?QUERY]                   	Performs a HEAD request
  patch PATH[?QUERY] [BODY]           	Performs a PATCH request
  post PATH[?QUERY] [BODY]            	Performs a POST request
  put PATH [BODY]                     	Performs a PUT request
  copy PATH DEST                      	Performs a COPY request
  delete PATH[?QUERY]                 	Performs a DELETE request
  lock PATH[?QUERY]                   	Performs a LOCK request
  options PATH[?QUERY]                	Performs a OPTIONS request
  mkcol PATH[?QUERY]                  	Performs a MKCOL request
  move PATH[?QUERY] DEST              	Performs a MOVE request
  propfind PATH[?QUERY]               	Performs a PROPFIND request
  proppatch PATH[?QUERY]              	Performs a PROPPATCH request
  trace PATH[?QUERY]                  	Performs a TRACE request
  unlock PATH[?QUERY]                 	Performs a UNLOCK request
  cd PATH                             	Changes the base URL path
  headers [{set | unset} NAME [VALUE]]	Manages the request headers

Print the HTTP status of every URL in a file:

$ ronin url --file urls.txt --status

See Also

Requirements

Install

Bash Script

curl -o ronin-install.sh https://raw.githubusercontent.com/ronin-rb/scripts/main/ronin-install.sh && bash ronin-install.sh

Manually

See the manual install instructions for how to install Ronin and it's additional dependencies on your platform.

Docker

If you prefer using Docker, there are also Docker images available:

docker pull roninrb/ronin
docker run -it roninrb/ronin

Additionally, if you want to mount your home directory into the docker image:

docker run --mount type=bind,source="$HOME",target=/home/ronin -it ronin

Development

  1. Fork It!
  2. Clone It!
  3. cd ronin
  4. bundle install
  5. git checkout -b my_feature
  6. Code It!
  7. bundle exec rake spec
  8. git push origin my_feature

License

Copyright (c) 2006-2023 Hal Brodigan (postmodern.mod3 at gmail.com)

Ronin is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

Ronin is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with Ronin. If not, see https://www.gnu.org/licenses/.

More Repositories

1

ronin-exploits

A Ruby micro-framework for writing and running exploits
Ruby
69
star
2

ronin-vulns

Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), and Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
Ruby
59
star
3

ronin-code-asm

A Ruby DSL for crafting assmebly programs and shellcode.
Ruby
48
star
4

ronin-code-sql

A Ruby DSL for crafting SQL Injections
Ruby
45
star
5

ronin-web

ronin-web is a collection of useful web helper methods and commands.
Ruby
40
star
6

ronin-recon

A micro-framework and tool for performing reconnaissance.
Ruby
30
star
7

ronin-scanners

A Ruby library for Ronin that provides a Ruby interface to various third-party security scanners.
Ruby
26
star
8

ronin-support

A support library for Ronin. Like activesupport, but for hacking!
Ruby
25
star
9

ronin-rb.github.io

The ronin-rb.dev website
HTML
25
star
10

ronin-app

A local web interface for Ronin.
Ruby
23
star
11

ronin-payloads

A Ruby micro-framework for writing and running exploit payloads
Ruby
20
star
12

ronin-db

A common database library for managing and querying security data
Ruby
14
star
13

ronin-fuzzer

A Ruby library for generating, mutating, and fuzzing data
Ruby
11
star
14

ronin-web-browser

A Ruby library for automating the Chrome web browser
Ruby
9
star
15

ronin-web-spider

A collection of common web spidering routines
Ruby
8
star
16

scripts

Useful shell scripts for ronin-rb
Shell
8
star
17

ronin-metasploit

[EXPERIMENT] A Ronin library which provides support for accessing The Metasploit Framework.
Ruby
8
star
18

ronin-db-activerecord

ActiveRecord backend for the Ronin Database
Ruby
7
star
19

ronin-repos

Third-party git repository support for ronin.
Ruby
7
star
20

ronin-gen

Ronin Gen is a Ruby library for Ronin that provides various generators.
Ruby
7
star
21

ronin-dns-proxy

A configurable DNS proxy server library
Ruby
7
star
22

ronin-web-proxy

A Man-in-the-Middle (MITM) HTTP proxy server for Ruby
Ruby
6
star
23

ronin-web-user_agents

Yet another User-Agent string generator library
Ruby
5
star
24

ronin-nmap

A Ruby library for working with nmap.
Ruby
5
star
25

ronin-listener-dns

A DNS listener for receiving exfiltrated data via DNS queries.
Ruby
4
star
26

docker

ronin-rb docker image
Makefile
4
star
27

ronin-web-server

A custom Ruby web server based on Sinatra.
Ruby
4
star
28

ronin-irc

An IRC bot for Ronin (WIP)
Ruby
4
star
29

ronin-post_ex

A Ruby API for Post-Exploitation
Ruby
3
star
30

ronin-bruteforcers

A Ruby library for Ronin that provides various bruteforcers.
Ruby
3
star
31

vuln-apps

A collection of simple vulnerable web apps for testing vulnerability scanners or educational purposes.
PHP
3
star
32

ronin-listener-http

A HTTP server for receiving exfiled data.
Ruby
3
star
33

ronin-masscan

A Ruby library and CLI for working with masscan.
Ruby
3
star
34

ronin-dev

Manage all ronin repositories.
Ruby
3
star
35

ronin-core

A core library for all ronin libraries.
Ruby
3
star
36

ronin-web-session_cookie

A library for parsing and deserializing various session cookies.
Ruby
2
star
37

bruteforceables

A collection of bruteforceable apps and servers
Makefile
2
star
38

ronin-wordlists

A library and tool for managing wordlists.
Ruby
2
star
39

snap

snap image for ronin
2
star
40

rubocop-ronin

rubocop configuration for the ronin-rb project
Ruby
2
star
41

ronin-listener

A Ruby CLI utility for receiving exfiltrated data.
Ruby
1
star
42

ronin-agent-ruby

A ronin agent written in Ruby
Ruby
1
star
43

.github

GitHub meta repository
1
star