A Security Toolkit

Ronin is a free and Open Source Ruby toolkit for security research and development. Ronin contains many different CLI commands and Ruby libraries for a variety of security tasks, such as encoding/decoding data, filter IPs/hosts/URLs, querying ASNs, querying DNS, HTTP, scanning for web vulnerabilities, spidering websites, installing 3rd-party repositories of exploits and/or payloads, running exploits, developing new exploits, managing local databases, fuzzing data, performing recon, and much more.

Ruby Supercharged

Ronin builds on top of Ruby and adds even more libraries, classes, and methods to make Ruby even easier to use and more powerful!

Powerful CLI

Ronin provides many powerful CLI commands.

#!/usr/bin/env ruby
require 'ronin/support'
require 'wordlist'

domain   = Ronin::Support::Network::Domain.new('github.com')
wordlist = Wordlist.open('subdomains-10000.txt')

wordlist.each do |word|
  host = domain.subdomain(word)

  if !host.cname && host.has_addresses?
    print_success "found subdomain: #{host}"
  end
rescue Interrupt
  break
end

Fully Scriptable

Ronin is made up of different Ruby libraries and powerful APIs that you can use in Ruby scripts or in the Ruby console.

Easy To Install

Installing Ronin is as easy as copy/pasting the following command into your terminal:

curl -o ronin-install.sh https://raw.githubusercontent.com/ronin-rb/scripts/main/ronin-install.sh && bash ronin-install.sh
Docker logo

Dockerized

Ronin also has Docker images.

$ docker pull roninrb/ronin
$ docker run --rm -it roninrb/ronin
root@89b5d7f15855:/# ronin help

High Quality

Ronin strives to have at least 90% test coverage and 80% documentation coverage.

Ronin has grade A code quality

Rich Ecosystem

ronin 2.1.0 A Ruby toolkit for security research and development.
ronin-support 1.1.0 A support library for Ronin.
ronin-support-web 0.1.0 A web support library for ronin-rb.
ronin-core 0.2.0 A core library for all ronin libraries.
ronin-repos 0.2.0 Third-party git repository support for ronin.
ronin-db-activerecord 0.2.0 ActiveRecord backend for the Ronin Database.
ronin-db 0.2.0 A common database library for managing and querying security data.
ronin-dns-proxy 0.1.0 A configurable DNS proxy server library.
ronin-listener-dns 0.1.0 A DNS listener that listens for exfiltrated data via DNS queries.
ronin-listener-http 0.1.0 A HTTP server for receiving exfiled data.
ronin-listener 0.1.0 A Ruby CLI utility for receiving exfiltrated data.
ronin-web-browser 0.1.0 A Ruby library for automating the Chrome web browser.
ronin-web-session_cookie 0.1.0 A library for parsing and deserializing various session cookies.
ronin-web-server 0.1.1 A custom Ruby web server based on Sinatra.
ronin-web-spider 0.2.0 A collection of common web spidering routines.
ronin-web-user_agents 0.1.0 Generates random but realistic User-Agent strings.
ronin-web 2.0.0 A collection of common web security commands and libraries.
ronin-code-asm 1.0.0 A Ruby DSL for crafting Assmebly programs and Shellcode.
ronin-code-sql 2.1.0 A Ruby DSL for crafting SQL Injections.
ronin-post_ex 0.1.0 Ruby API for Post-Exploitation.
ronin-payloads 0.2.0 A Ruby micro-framework for writing and running exploit payloads.
ronin-vulns 0.2.0 Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
ronin-exploits 1.1.0 A Ruby micro-framework for writing and running exploits and payloads.
ronin-fuzzer 0.2.0 A highly configurable fuzzing library and CLI for Ruby.
ronin-wordlists 0.1.0 A library for managing wordlists.
ronin-nmap 0.1.0 A Ruby library and CLI for working with nmap.
ronin-masscan 0.1.0 A Ruby library and CLI for working with masscan.
ronin-recon 0.1.0 A micro-framework and tool for performing reconnaissance.
ronin-app 0.1.0 A local web interface for Ronin.

Get Involved