After nearly a full year of non-stop development since the initial announcement of The Big Refactor, 4153 commits made, 700 issues closed, and a month of beta testing, Ronin 2.0.0 has finally been released!

What is Ronin?

Ronin is a Free and Open Source Ruby Toolkit for Security Research and Development. Ronin contains many different CLI commands and Ruby libraries for a variety of security tasks, such as encoding/decoding data, filter IPs/hosts/URLs, querying ASNs, querying DNS, HTTP, scanning for web vulnerabilities, spidering websites, install 3rd party repositories of exploits and/or payloads, run exploits, write new exploits, managing local databases, fuzzing data, and much more.

Install

Ronin can be installed via the ronin-install.sh installer bash script:

curl -o ronin-install.sh https://raw.githubusercontent.com/ronin-rb/scripts/main/ronin-install.sh && bash ronin-install.sh

Docker

Ronin also has docker images, if you prefer using docker.

$ docker pull roninrb/ronin
$ docker run  -it roninrb/ronin
root@89b5d7f15855:/# ronin help

What’s New?

What Do You Get?

A Powerful CLI

Ronin provides many powerful CLI commands:

See ronin’s README for more command examples.

Powerful Ruby APIs

Ronin is made up of different Ruby libraries and powerful APIs, that you can use in Ruby scripts, other Ruby apps, or in the Ruby console.

#!/usr/bin/env ruby
require 'ronin/support'
require 'wordlist'

domain   = Ronin::Support::Network::Domain.new('github.com')
wordlist = Wordlist.open('subdomains-10000.txt')

wordlist.each do |word|
  host = domain.subdomain(word)

  if !host.cname && host.has_addresses?
    print_success "found subdomain: #{host}"
  end
rescue Interrupt
  break
end

See the API documentation for more documentation and examples.

A Rich Ecosystem

ronin The main ruby gem that provides the main ronin command and pulls in the other ronin- gems as dependencies.
ronin-support A support library for other ronin-rb libraries which provides most of the APIs and core-extensions which make Ruby much easier to use. tl;dr It’s like pwntools combined with activesupport.
ronin-core A “core” library which provides internal APIs for the other ronin-rb libraries.
ronin-repos Supports installing and managing 3rd party git repositories of exploits, payloads, or potentially any other type of Ruby code. Other libraries such as ronin-exploits and ronin-payloads can load modules from git repositories installed via ronin-repos.
ronin-db-activerecord Defines the ActiveRecord models and migrations for the ronin-db. ronin-db-activerecord can be used by other Ruby libraries or apps.
ronin-db Provides a command-line interface (CLI) to ronin-db-activerecord. It provides the ronin-db command for managing and querying database(s).
ronin-web-server A small library which provides a Sinatra based web server customized specifically for security related tasks. It provides additional routing methods, routing conditions, helper methods, as well as a reverse proxy.
ronin-web-spider A small library that builds on top of the battle tested spidr library. It provides additional callback methods that are relevant to recon, such as every_host, every_cert, every_favicon, every_javascript, every_javascript_string, every_javascript_comment, every_html_comment, and every_comment.
ronin-web-user_agents A small library for generating random but realistic looking User-Agent strings for a variety of web browsers, OSes, devices, etc.
ronin-web Brings together all of the other ronin-web- libraries and provides the ronin-web command which provides numerous handy web related commands, such as diff, html, reverse-proxy, server, and spider.
ronin-code-asm A Ruby DSL for writing assembly in pure-Ruby. It can assemble full programs or be used to write shellcode.
ronin-code-sql A Ruby DSL for crafting SQL injections. It can also generate obfuscated SQL for bypassing filters.
ronin-vulns A Ruby library for blind vulnerability testing. It can test for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), reflective Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
ronin-post_ex A Post-Exploitation API for interacting with compromised systems. ronin-post_ex is used by both ronin-payloads and ronin-exploits.
ronin-payloads A Ruby micro-framework for writing exploit payloads as plain old Ruby classes. ronin-payloads comes with common payloads (ex: exec_shell, bind_shell, reverse_shell) and can also load 3rd party payloads from ronin-repos.
ronin-exploits A Ruby micro-framework for writing and running exploits. ronin-exploits allows one to write exploits as plain old Ruby classes. ronin-exploits can load and run 3rd party exploits from either Ruby files or from ronin-repos. tl;dr It’s like a simpler and more modular version of Metasploit.
ronin-fuzzer A Ruby library and CLI for generating, mutating, and fuzzing data. The goal of ronin-fuzzer is to be as configurable as possible.

Interested?

Does Ronin interest you? Do you have an idea for a feature or a new ronin- library? Checkout our GitHub, join our Discord server, follow us on Mastodon, and get involved!

Special Thanks

A special thank you to everyone who participated in the Open Beta. Also, a special thank you to everyone who voted in my many Twitter/Mastodon polls, which helped shape Ronin’s design.

If Ronin interests you or you like the work we do, consider donating to Ronin on GitHub, Patreon, or Open Collective so we can continue building high-quality free and Open Source security tools and Ruby libraries.