After one year and two months of development, 1839 commits, and 411 closed issues, Phase 2 is finally done!

This is the culmination of three years of hard work to get Ronin back on track. Phase 2 was announced on 2023-04-16 following the completion of The Big Refactor, with the goal of building out additional larger features for Ronin. Phase 2 resulted in many new projects, such as:

  • ronin-support-web - A web-specific support library, providing many helper methods for parsing HTML/XML, fetching web pages, etc. Think of it like a lightweight headless web browser without JavaScript.
  • ronin-dns-proxy - A configurable DNS proxy server library that supports returning spoofed DNS results or passing DNS queries through to the upstream DNS nameserver.
  • ronin-listener-dns - A DNS server for receiving exfiltrated data sent via DNS queries, which can be used to test for XML external entity (XXE) injection.
  • ronin-listener-http - An HTTP server for receiving exfiltrated data sent via HTTP requests, which can be used to test for Server-Side Request Forgery (SSRF) or XML external entity (XXE) injection.
  • ronin-listener - A small CLI utility for receiving exfiltrated data over DNS or HTTP.
  • ronin-nmap - A Ruby library for working with nmap. ronin-nmap can parse nmap XML, convert nmap XML into JSON or CSV, or import nmap XML into the ronin-db database.
  • ronin-masscan - A Ruby library for working with masscan. ronin-masscan can parse masscan scan files, convert masscan files into JSON or CSV, or import masscan scan data into the ronin-db database.
  • ronin-recon - A micro-framework and tool for performing reconnaissance. ronin-recon uses multiple workers which process different data types (IP, host, URL, etc.) and produce new values. ronin-recon contains built-in recon workers and supports loading additional 3rd-party workers from Ruby files or 3rd-party git repositories. ronin-recon has a unique queue design and uses asynchronous I/O to maximize efficiency. ronin-recon can look up IP addresses, nameservers, and mailservers, brute-force subdomains, port scan IPs, discover services, and spider websites.
  • ronin-web-session_cookie - A library for parsing and deserializing various session cookie formats. It supports Rack, Django, and JWT.
  • ronin-web-browser - A Ruby library for automating the Chrome web browser. ronin-web-browser builds on the ferrum gem, and adds additional API methods that are useful to security researchers.
  • ronin-wordlists - A library and tool for managing wordlists. ronin-wordlists can install and update wordlists, and contains a curated list of popular wordlists and their download URLs.
  • ronin-app - A small web application that is meant to be run locally by the user. It provides a web interface to ronin-support, ronin-repos, ronin-db, ronin-payloads, and ronin-exploits, and automates ronin-nmap, ronin-masscan, ronin-web-spider, ronin-recon, and ronin-vulns.

The next step will be to publish release-candidate versions and announce a call for beta testers.

Also, big shout out to our new core-team member, AI-Mozi, who helped out with writing tests, fixing bugs, and implementing many of ronin-app’s features.

If Ronin interests you or you like the work we do, consider donating to Ronin on GitHub, Patreon, or Open Collective so we can continue building high-quality free and Open Source security tools and Ruby libraries.