- Notifications
You must be signed in to change notification settings - Fork54
Ronin is a Free and Open Source Ruby Toolkit for Security Research and Development. Ronin also allows for the rapid development and distribution of code, exploits, payloads, etc, via 3rd-party git repositories.
License
ronin-rb/ronin
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
Ronin is a free and Open SourceRuby toolkit for security researchand development. Ronin contains many differentCLI commands andRuby libraries for a variety of security tasks, such asencoding/decoding data, filter IPs/hosts/URLs, querying ASNs, querying DNS,HTTP,scanning for web vulnerabilities,spidering websites,installing 3rd-party repositories ofexploits and/orpayloads,running exploits,developing new exploits,managing local databases,fuzzing data,performing recon, and much more.
- CTF players
- Bug bounty hunters
- Security Researchers
- Security Engineers
- Developers
- Students
- A toolkit of useful commands.
- A fully-loaded Ruby REPL.
- An ecosystem of high-quality security related Ruby libraries, APIs, andcommands.
- A lightweight local web UI.
- Quickly process and query various data using the
ronincommands. - Efficiently work with code and data in the
ronin irbRuby REPL. - Rapidly prototype Ruby scripts usingronin-support and other
roninlibraries. - Install 3rd-partygit repositories of exploits, payloads, or other code,usingronin-repos.
- Import and query data using theronin-db database.
- Fuzz data usingronin-fuzzer.
- Perform recon usingronin-recon.
- Use common payloads or write your own usingronin-payloads.
- Write/run exploits usingronin-exploits.
- Scan for web vulnerabilities usingronin-vulns.
- Performs scans and browse the database in your browser usingronin-app.
Usage: ronin [options] [COMMAND [ARGS...]]Options: -h, --help Print help informationArguments: [COMMAND] The command name to run [ARGS ...] Additional arguments for the commandCommands: archive asn banner-grab bitflip cert-dump cert-gen cert-grab completion decode, dec decrypt dns dns-proxy email-addr encode, enc encrypt entropy escape extract grep help hexdump highlight hmac homoglyph host http ip iprange irb md5 netcat, nc new pack proxy public-suffix-list quote rot sha1 sha256 sha512 strings tld-list tips typo typosquat unarchive unescape unhexdump unpack unquote url xorAdditional Ronin Commands: $ ronin-repos $ ronin-wordlists $ ronin-db $ ronin-web $ ronin-fuzzer $ ronin-masscan $ ronin-nmap $ ronin-recon $ ronin-payloads $ ronin-exploits $ ronin-vulns $ ronin-appList ronin commands:
$ roninhelpView a man-page for a command:
$ roninhelp COMMANDGet a random tip on how to useronin:
$ ronin tips
Open the Ronin Ruby REPL:
$ ronin irb , Jµ ▓▓█▓ J▌ ▐▓██▌ ████ ██ ▐███D ╓▄▓▓█████▌ ██µ ████ ▄███ÖJ██▌ ███▌ ,╓µ▄▄▄▄▄▄▄▄µ;, ,▄▓██████████ ▐███ ▐███▀ ███▌ ████µ ▄███¬∞MÆ▓███████████████████████▓M ▄██████▀▀╙████▌ ████▌ ████ ▄███ J█████ ███▌ `█████▀▀▀▀▀███████ -████▀└ ████ ▐█████n ▄███O ███▌ ██████████ ▓████L ████▀ ▓████ ▓███Ö ███████ ███▌ ▓███ ▐█████████▀ ▄████▀ ,╓▄▄▄█████ J████Ü ,███▌ ▄███████████ J███▀ ████ █████ J█████████████████─ ████▌ ████ ████`██████▌ ████ ▐███Ü ▐███Ü ███████████▀▀▀╙└ ▐████ J███▌ ▓███▌ ²█████ J███Ü ███▌ ▀█▌ ▓██████████▌ ████▌ ████ ;████ ▀███▀ ███▌ J▀▀▀- █ ▄█████▀ ▀█████µ ▐████ ,▄▓████▀ ████▀ ███ J███ ` J█████- ╙▀███▄ ████████████▀╙ J█▀▀▀ █U ▀█▌ ████▀ ▀███ ▄████████▀▀ ╨ █ ▓██▀ ²▀█▄ █▀▀▀╙└ ▄██╜ ╙W J█▀ ▌└ ┘irb(ronin)>Starts and opens the interactive Web UI for Ronin:
$ ronin-appHexdumps data in a variety of formats:
$ ronin hexdump /bin/ls
Un-hexdumps a hexdump file back into it's original raw binary data:
$ ronin unhexdump -o data.bin hexdump.txt
Print all printable strings from a file:
$ ronin strings /bin/ls
Print all alphabetic strings from a file:
$ ronin strings --alpha /bin/ls
Print all alpha-numeric strings from a file:
$ ronin strings --alpha-num /bin/ls
Print all numeric strings from a file:
$ ronin strings --numeric /bin/ls
Print all hexadecimal strings from a file:
$ ronin strings --hex /bin/ls
Enumerate through all of the Bit-flips of a domain name:
$ ronin bitflip microsoft --alpha-num --append .comlicrosoft.comoicrosoft.comiicrosoft.comeicrosoft.comMicrosoft.commhcrosoft.commkcrosoft.commmcrosoft.commacrosoft.commycrosoft.com...
Base64 encode a string:
$ ronin encode --base64 --string"foo bar baz"Zm9vIGJhciBiYXo=Zlib compresses, Base64 encodes, and then URI encode a string:
$ ronin encode --zlib --base64 --uri --string"foo bar"%65%4A%78%4C%79%38%39%58%53%45%6F%73%41%67%41%4B%63%41%4B%61%0ABase64 decode a string:
$ ronin decode --base64 --string"Zm9vIGJhciBiYXo="foo bar bazURI decode, Base64 decode, and then zlib inflates a string:
$ ronin decode --uri --base64 --zlib --string"%65%4A%78%4C%79%38%39%58%53%45%6F%73%41%67%41%4B%63%41%4B%61%0A"foo barURI escape a string:
$ ronin escape --uri --string"foo bar"foo%20barURI unescape a string:
$ ronin unescape --uri --string"foo%20bar"foo barConvert a file into a quoted C string:
$ ronin quote --c file.bin"..."Convert a file into a quoted JavaScript string:
$ ronin quote --js file.bin
Unquote a C string:
$ ronin unquote --c --string'"\x66\x6f\x6f\x20\x62\x61\x72"'foo barExtract high-entropy data from a file:
$ ronin entropy -e 5.0 index.html
Grep for common patterns of data:
$ ronin grep --hash index.html
Extract common patterns from data:
$ ronin extract --hash index.html
Generate a random typo of a word:
$ ronin typo microsoftmicrossoft
Enumerate over every typo variation of a word:
$ ronin typo --enum microsoftmicroosoftmicrosooftmicrossoft
Generate a random homoglyph version of a word:
$ ronin homoglyph CEOCEO
Enumerate over every homoglyph variation of a word:
$ ronin homoglyph --enum CEOϹEOСEOⅭEOCEOCΕOCЕOCEOCEΟCEОCEO
Syntax-highlights a file:
$ ronin highlight index.html
AES-256 encrypt a file:
$ ronin encrypt --cipher aes-256-cbc --password"..." file.txt> encrypted.bin
Decrypt data:
$ ronin decrypt --cipher aes-256-cbc --password"..." encrypted.binGenerates a HMAC for a file:
$ ronin hmac --hash sha1 --password"too many secrets" data.txtGenerates a HMAC for a string:
$ ronin hmac --hash sha1 --password"too many secrets" --string"..."
Calculate an MD5 checksum of a string:
$ ronin md5 --string"hello world"5eb63bbbe01eeed093cb22bb8f5acdc3Calculate the MD5 checksum of a file:
$ ronin md5 file.txt
Calculate the MD5 checksum of every line in a file:
$ ronin md5 --multiline file.txt
Calculate an SHA1 checksum of a string:
$ ronin sha1 --string"hello world"2aae6c35c94fcfb415dbe95f408b9ce91ee846edCalculate the SHA1 checksum of a file:
$ ronin sha1 file.txt
Calculate the SHA1 checksum of every line in a file:
$ ronin sha1 --multiline file.txt
Calculate an SHA256 checksum of a string:
$ ronin sha256 --string"hello world"b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9Calculate the SHA256 checksum of a file:
$ ronin sha256 file.txt
Calculate the SHA256 checksum of every line in a file:
$ ronin sha256 --multiline file.txt
Calculate an SHA512 checksum of a string:
$ ronin sha512 --string"hello world"309ecc489c12d6eb4cc40f50c902f2b4d0ed77ee511a7c7a9bcd3ca86d4cd86f989dd35bc5ff499670da34255b45b0cfd830e81f605dcf7dc5542e93ae9cd76fCalculate the SHA512 checksum of a file:
$ ronin sha512 file.txt
Calculate the SHA512 checksum of every line in a file:
$ ronin sha512 --multiline file.txt
ROT-13 encodes a string:
$ ronin rot --string"The quick brown fox jumps over the lazy dog"Gur dhvpx oebja sbk whzcf bire gur ynml qbtXOR encodes a string:
$ ronin xor --key ABC --string"The quick brown fox jumps over the lazy dog""\x15*&a36(!(a 1.5-a$,9b)4/32b,7'1a6+$b/ 8:a&,&"
Query the ASN of an IP address:
$ ronin asn -I 4.2.2.14.0.0.0/9 AS3356 (US) LEVEL3
Get the system's external/public IP address:
$ ronin ip --public
Convert an IP address to decimal format:
$ ronin ip --decimal 127.0.0.12130706433
Convert a file of IP addresses into URLs:
$ ronin ip --file targets.txt --http
Enumerate over every IP address in the IP CIDR range:
$ ronin iprange 10.1.0.0/1510.0.0.110.0.0.210.0.0.310.0.0.410.0.0.510.0.0.610.0.0.710.0.0.810.0.0.9...
Enumerate over every IP address in the IP glob range:
$ ronin iprange 10.1-3.0.*10.1.0.110.1.0.210.1.0.310.1.0.410.1.0.510.1.0.610.1.0.710.1.0.810.1.0.910.1.0.10...Enumerate over every IP address between two IP addresses:
$ ronin iprange --start 10.0.0.1 --stop 10.0.3.3310.0.0.110.0.0.210.0.0.310.0.0.410.0.0.510.0.0.610.0.0.710.0.0.810.0.0.910.0.0.10
Connect to a remote TCP service:
$ ronin netcat -v example.com 80
Listen on a local TCP port:
$ ronin netcat -v -l 1337
Connect to a remote SSL/TLS service:
$ ronin netcat -v --ssl example.com 443
Connect to a remote UDP service:
$ ronin netcat -v -u example.com 1337
Listen on a local UDP port:
$ ronin netcat -v -u -l 1337
Opens a UNIX socket:
$ ronin netcat -v --unix /path/to/unix.socket
Hexdump all data received from a socket:
$ ronin netcat --hexdump example.com 80GET / HTTP/1.1Host: example.comUser-Agent: Ruby00000000 48 54 54 50 2f 31 2e 31 20 32 30 30 20 4f 4b 0d|HTTP/1.1 200 OK.|00000010 0a 41 67 65 3a 20 32 35 30 38 30 36 0d 0a 43 61|.Age: 250806..Ca|00000020 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 6d 61 78|che-Control: max|00000030 2d 61 67 65 3d 36 30 34 38 30 30 0d 0a 43 6f 6e|-age=604800..Con|00000040 74 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f|tent-Type: text/|00000050 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54|html; charset=UT|...
Query DNS records:
$ ronin dns -t TXT github.com
Find all registered TLDs for a host name:
$ ronin host --enum-tlds --registered github.comgithub.acgithub.actorgithub.aegithub.africagithub.agencygithub.ai...
Find all registered public suffixes for a host name:
$ ronin host --enum-suffix --registered github.comexample.com.agexample.aiexample.alexample.amexample.com.arexample.atexample.co.atexample.or.atexample.com.auexample.beexample.com.bh...
Find all subdomains that have addresses:
$ ronin host --enum-subdomains subdomains.txt --has-addresses google.comwww.google.commail.google.comsmtp.google.comns1.google.comns2.google.comm.google.comns.google.comblog.google.comadmin.google.comnews.google.comvpn.google.comns3.google.com...
Enumerate over every possible typosquat variation of a domain:
$ ronin typosquat microsoft.commicroosoft.commicrosooft.commicrossoft.com
Find all of the registered typosquat domains for a valid domain:
$ ronin typosquat --registered microsoft.com
Find all of the typosquat domains with addresses for a valid domain:
$ ronin typosquat --has-addresses microsoft.com
Find all of the unregistered typosquat domains for a valid domain:
$ ronin typosquat --unregistered microsoft.com
De-obfuscate an email address:
$ ronin email-addr --deobfuscate"john [dot] smith [at] example [dot] com"john.smith@example.comEnumerate through all of the obfuscations of an email address:
$ ronin email-addr --enum-obfuscations john.smith@example.comjohn.smith @ example.comjohn.smith AT example.comjohn.smith at example.comjohn.smith[AT]example.comjohn.smith[at]example.com...
Dump information about a SSL/TLS certificate:
$ ronin cert-dump https://example.com/
Download a SSL/TLS certificate from a host and port:
$ ronin cert-grab github.com:443
Generate a new SSL/TLS certificate:
$ ronin cert-gen -c test.com -O"Test Co" -U"Test Dept" \ -L"Test City" -S NY -C US
Perform an HTTPGET request (with syntax highlighting):
$ ronin http https://example.com/
Send an HTTP request with additional headers:
$ ronin http --post --header"Authorization: ..." https://foo.bar/Send an HTTP request with a knownUser-Agent string:
$ ronin http --post --user-agent chrome-android https://foo.bar/
Send an HTTP request with a customUser-Agent string:
$ ronin http --post --user-agent-string"..." https://foo.bar/Open an interactive HTTP shell:
$ ronin http --shell https://example.com/https://example.com/>helphelp [COMMAND] Prints the list of commands or additionalhelp get PATH[?QUERY] [BODY] Performs a GET request head PATH[?QUERY] Performs a HEAD request patch PATH[?QUERY] [BODY] Performs a PATCH request post PATH[?QUERY] [BODY] Performs a POST request put PATH [BODY] Performs a PUT request copy PATH DEST Performs a COPY request delete PATH[?QUERY] Performs a DELETE request lock PATH[?QUERY] Performs a LOCK request options PATH[?QUERY] Performs a OPTIONS request mkcol PATH[?QUERY] Performs a MKCOL request move PATH[?QUERY] DEST Performs a MOVE request propfind PATH[?QUERY] Performs a PROPFIND request proppatch PATH[?QUERY] Performs a PROPPATCH request trace PATH[?QUERY] Performs a TRACE request unlock PATH[?QUERY] Performs a UNLOCK requestcd PATH Changes the base URL path headers [{set| unset} NAME [VALUE]]Manages the request headers
Print the HTTP status of every URL in a file:
$ ronin url --file urls.txt --status
Generate a new Ruby script withronin-support preloaded:
$ ronin new script foo.rb
Generate a new Ruby project with aGemfile:
$ ronin new project foo
Generate a newnokogiri Ruby script for parsing HTML/XML:
$ ronin new nokogiri foo.rb
Generate a newronin-web-server Ruby script:
$ ronin new web-server my_server.rb
Generate a newronin-web-server based web app:
$ ronin new web-app my_app
Generate a newronin-web-spider Ruby script:
$ ronin new web-spider --host=example.com my_spider.rb
Generate aronin-listener-dns script:
$ ronin new dns-listener my_dns_listener.rb
Generate aronin-dns-proxy script:
$ ronin new dns-proxy my_dns_proxy.rb
Generate aronin-listener-http script:
$ ronin new http-listener my_http_listener.rb
Generate aronin-exploits script:
$ ronin new exploit my_exploit.rb
Generate aronin-payloads script:
$ ronin new payload my_payload.rb
Archive files:
$ ronin archive -o archive.zip file1.txt file2.txt
Archive files using tar format:
$ ronin archive -o archive.tar file1.txt file2.txt
Unarchive files:
$ ronin unarchive arch1.tar arch2.zip
Unarchive a file with explicit format:
$ ronin unarchive -f zip arch2.jar
- gcc /clang
- make
- git
- libsqlite3
- Ruby >= 3.1.0
- open_namespace ~> 0.4
- rouge ~> 3.0
- async-io ~> 1.0
- wordlist ~> 1.1
- ronin-support ~> 1.1
- ronin-dns-proxy ~> 0.1
- ronin-core ~> 0.2
- ronin-repos ~> 0.1
- ronin-wordlists ~> 0.1
- ronin-db ~> 0.1
- ronin-listener ~> 0.1
- ronin-nmap ~> 0.1
- ronin-masscan ~> 0.1
- ronin-recon ~> 0.1
- ronin-fuzzer ~> 0.1
- ronin-web ~> 2.0
- ronin-code-asm ~> 1.0
- ronin-code-sql ~> 2.0
- ronin-payloads ~> 0.1
- ronin-exploits ~> 1.0
- ronin-vulns ~> 0.2
- ronin-app ~> 0.1
curl -o ronin-install.sh https://raw.githubusercontent.com/ronin-rb/scripts/main/ronin-install.sh&& bash ronin-install.shSee themanual install instructions for how to installRonin and it's additional dependencies on your platform.
If you prefer usingDocker, there are alsoDocker images available:
docker pull roninrb/ronindocker run -it roninrb/ronin
Additionally, if you want to mount your home directory into the docker image:
docker run --mount type=bind,source="$HOME",target=/home/ronin -it ronin- Fork It!
- Clone It!
cd ronin./scripts/setupgit checkout -b my_feature- Code It!
bundle exec rake specgit push origin my_feature
Copyright (c) 2006-2025 Hal Brodigan (postmodern.mod3 at gmail.com)
Ronin is free software: you can redistribute it and/or modifyit under the terms of the GNU General Public License as published bythe Free Software Foundation, either version 3 of the License, or(at your option) any later version.
Ronin is distributed in the hope that it will be useful,but WITHOUT ANY WARRANTY; without even the implied warranty ofMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See theGNU General Public License for more details.
You should have received a copy of the GNU General Public Licensealong with Ronin. If not, seehttps://www.gnu.org/licenses/.
About
Ronin is a Free and Open Source Ruby Toolkit for Security Research and Development. Ronin also allows for the rapid development and distribution of code, exploits, payloads, etc, via 3rd-party git repositories.
