Ronin : A Ruby Platform For Vulnerability Research & Exploit Development

Ronin is a Ruby platform for vulnerability research and exploit development. Ronin allows for the rapid development and distribution of code, Exploits, Payloads, Scanners, etc, via Repositories.

Console

Ronin provides users with a powerful Ruby Console, pre-loaded with powerful convenience methods. In the Console one can work with data and automate complex tasks, with greater ease than the command-line.

>> File.read(‘data’).base64_decode

Database

Ronin ships with a preconfigured Database, that one can interact with from Ruby, without having to write any SQL.

>> HostName.tld(‘eu’).urls.with_query_param(‘id’)

Repositories

Ronin provides a Repository system, allowing users to organize and share miscallaneous Data, Code, Exploits, Payloads, Scanners, etc.

$ ronin install git://github.com/user/myexploits.git

Libraries

Ronin provides libraries with additional functionality, such as Exploitation and Scanning:

$ gem install ronin-exploits

Features

  • Supports installing/updating/uninstalling of Repositories.
  • Provides a Database using DataMapper with:
    • {Ronin::Author}
    • {Ronin::License}
    • {Ronin::Arch}
    • {Ronin::OS}
    • {Ronin::Software}
    • {Ronin::Vendor}
    • {Ronin::Address}
      • {Ronin::MACAddress}
      • {Ronin::IPAddress}
      • {Ronin::HostName}
    • {Ronin::Port}
      • {Ronin::TCPPort}
      • {Ronin::UDPPort}
    • {Ronin::Service}
    • {Ronin::OpenPort}
    • {Ronin::OSGuess}
    • {Ronin::UserName}
    • {Ronin::URL}
    • {Ronin::EmailAddress}
    • {Ronin::Credential}
      • {Ronin::ServiceCredential}
      • {Ronin::WebCredential}
    • {Ronin::Organization}
    • {Ronin::Campaign}
    • {Ronin::Target}
  • Caches exploits, payloads, scanners, etc stored within Repositories into the Database.
  • Convenience methods provided by ronin-support.
  • Provides a customized Ruby Console using Ripl with:
    • Syntax highlighting.
    • Tab completion.
    • Auto indentation.
    • Pretty Printing (pp).
    • print_info, print_error, print_warning and print_debug output helper methods with color-output.
    • Inline commands (!nmap -v -sT victim.com)
  • Provides an extensible command-line interface.

Synopsis

Start the Ronin console:

$ ronin

Run a Ruby script in Ronin:

$ ronin exec script.rb

View available commands:

$ ronin help

View a man-page for a command:

$ ronin help wordlist

Install a Repository:

$ ronin install svn://example.com/path/to/repo

List installed Repositories:

$ ronin repos

Update all installed Repositories:

$ ronin update

Update a specific Repositories:

$ ronin update repo-name

Uninstall a specific Repositories:

$ ronin uninstall repo-name

List available Databases:

$ ronin database

Add a new Database:

$ ronin database –add team –uri mysql://user:pass@vpn.example.com/db

Remove a Database:

$ ronin database –remove team

Requirements

Install

$ gem install ronin

Development

  1. Fork It!
  2. Clone It!
  3. cd ronin
  4. bundle install
  5. git checkout -b my_feature
  6. Code It!
  7. bundle exec rake spec
  8. git push origin my_feature

R K

Recent Posts

Playwright-MCP : A Powerful Tool For Browser Automation

Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…

2 weeks ago

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

2 weeks ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

2 weeks ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

2 weeks ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

2 weeks ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

2 weeks ago