Frequently Asked Questions

What is Ronin

Ronin is a Free and Open Source Ruby Toolkit for Security Research and Development. Ronin contains many different CLI commands and Ruby libraries for a variety of security tasks, such as encoding/decoding data, filter IPs/hosts/URLs, querying ASNs, querying DNS, HTTP, scanning for web vulnerabilities, spidering websites, install 3rd party repositories of exploits and/or payloads, run exploits, write new exploits, managing local databases, fuzzing data, and much more.

What language is Ronin written in?

Ruby

What version of Ruby should I run Ronin on?

Ronin requires ruby >= 3.0.0

What is Ronin licensed under?

The main ronin gem and the ronin-web gem are licensed under the GPL-3.0.

The rest of the gems are licensed under the LGPL-3.0.

How well documented is Ronin?

Ronin has extensive YARD documentation covering it’s API. Most Ronin libraries have a YARD documentation coverage measurement of +80%.

Does Ronin have a command-line interface (CLI)?

Why yes. Ronin provides a main ronin command with many sub-commands. To view all available sub-commands simply run the following command:

ronin help

To view the help information of a specific sub-command:

ronin help COMMAND_NAME

Additionally, the other Ronin libraries can provide their own CLIs with their own sub-commands:

Does Ronin have a Discord server?

Why yes, Ronin does have a Discord server you can join.

Does Ronin have a Mastodon account that I can follow?

Why yes, you can follow @ronin_rb@infosec.exchange.

Ruby

Why choose Ruby instead of Python?

Ruby’s syntax and features are much more flexible than Python’s and save the programmer time by giving them many ways to do things. Ruby also has a far better Object Model (literal everything is an Object) which allows writing formal Object Orientated code.

What is the easiest way to install Ruby?

Option 1: Package Manager

Probably the easiest way to install ruby is from your system’s package manager:

Option 2: Ruby version Manager

Another method for installing ruby which is preferred by developers is using a Ruby Version Manager:

What are some good resources for learning Ruby?

Online Resources

Books

Exploits

Does Ronin have builtin exploits?

Ronin does not ship with any builtin exploits, but it is extremely easy to write your own exploits using ronin-exploits and distribute them via 3rd party repositories.

Can I use Ronin on the OSCP?

Yes! The OSCP Exam Guide states that tools which performs “automatic exploitation” (meaning the tool can both find a vulnerability and automatically exploit it), which includes tools such as Metasploit or SQLmap.

Ronin does not provide any automatic exploitation functionality, therefor it should be safe to use Ronin on the OSCP exam.

3rd party repositories

What is a 3rd party repository?

Ronin supports installing 3rd party repositories of additional payload or exploits. 3rd party repositories are essentially a git repository that can have a exploits/ or payloads/ directory that contains Ruby exploit or payload files, ronin-exploits or ronin-payloads can then load.

How are 3rd party repositories hosted?

3rd party repositories use git and anyone can host their own 3rd party repository on any popular git hosting services, such as GitHub or GitLab.

How can I install a 3rd party repository with Ronin?

Simply pass the git URL to the ronin-repos install command:

ronin-repos install https://github.com/user/repo.git

How can I generate my own 3rd party repository?

You can generate your own new 3rd party repository using the ronin-repos new command:

ronin-repos new path/to/repo

Then simply publish the git repository to GitHub or GitLab.

Quality

How readable is Ronin’s code-base?

Ronin strives to have extremely clean and readable code. Most Ronin libraries have a CodeClimate Maintainability score of A or B.

Does Ronin have a test-suite so that I can ensure that Ronin is bug free?

Yes, Ronin has an extensive RSpec test suite. Most Ronin libraries have a SimpleCov coverage measurement of +90%.

Development

Where is Ronin’s code-base hosted?

Ronin and it’s many libraries are hosted on GitHub.

What do I need in order to contribute to Ronin?

  1. Knowledge of git.
  2. A GitHub account.
  3. Knowledge of Ruby.

If you just want to fix a typo in the documentation, then you can edit the documentation entirely via GitHub’s website and submit a pull request.