Ronin
Ronin is a Free and Open Source Ruby Toolkit for Security Research and Development. Ronin also allows for the rapid development and distribution of code, exploits, payloads, etc, via 3rd-party git repositories.
Install / Use
/learn @ronin-rb/RoninREADME
ronin
Description
[Ronin][website] is a free and Open Source [Ruby] toolkit for security research and development. Ronin contains many different CLI commands and [Ruby libraries][ronin-rb] for a variety of security tasks, such as encoding/decoding data, filter IPs/hosts/URLs, querying ASNs, querying DNS, HTTP, [scanning for web vulnerabilities][ronin-vulns-synopsis], [spidering websites][ronin-web-spider], [installing 3rd-party repositories][ronin-repos-synopsis] of [exploits][ronin-exploits] and/or [payloads][ronin-payloads], [running exploits][ronin-exploits-synopsis], [developing new exploits][ronin-exploits-examples], [managing local databases][ronin-db-synopsis], [fuzzing data][ronin-fuzzer], [performing recon][ronin-recon-synopsis], and much more.
Who is Ronin for?
- CTF players
- Bug bounty hunters
- Security Researchers
- Security Engineers
- Developers
- Students
What does Ronin provide?
- A toolkit of useful commands.
- A fully-loaded Ruby REPL.
- An ecosystem of high-quality security related Ruby libraries, APIs, and commands.
- A lightweight local web UI.
What can you do with Ronin?
- Quickly process and query various data using the
ronincommands. - Efficiently work with code and data in the
ronin irbRuby REPL. - Rapidly prototype Ruby scripts using [ronin-support] and other
roninlibraries. - Install 3rd-party [git] repositories of exploits, payloads, or other code, using [ronin-repos].
- Import and query data using the [ronin-db] database.
- Fuzz data using [ronin-fuzzer].
- Perform recon using [ronin-recon].
- Use common payloads or write your own using [ronin-payloads].
- Write/run exploits using [ronin-exploits].
- Scan for web vulnerabilities using [ronin-vulns].
- Performs scans and browse the database in your browser using [ronin-app].
Synopsis
Usage: ronin [options] [COMMAND [ARGS...]]
Options:
-h, --help Print help information
Arguments:
[COMMAND] The command name to run
[ARGS ...] Additional arguments for the command
Commands:
archive
asn
banner-grab
bitflip
cert-dump
cert-gen
cert-grab
completion
decode, dec
decrypt
dns
dns-proxy
email-addr
encode, enc
encrypt
entropy
escape
extract
grep
help
hexdump
highlight
hmac
homoglyph
host
http
ip
iprange
irb
md5
netcat, nc
new
pack
proxy
public-suffix-list
quote
rot
sha1
sha256
sha512
strings
tld-list
tips
typo
typosquat
unarchive
unescape
unhexdump
unpack
unquote
url
xor
Additional Ronin Commands:
$ ronin-repos
$ ronin-wordlists
$ ronin-db
$ ronin-web
$ ronin-fuzzer
$ ronin-masscan
$ ronin-nmap
$ ronin-recon
$ ronin-payloads
$ ronin-exploits
$ ronin-vulns
$ ronin-app
List ronin commands:
$ ronin help
View a man-page for a command:
$ ronin help COMMAND
Get a random tip on how to use ronin:
$ ronin tips
Open the Ronin Ruby REPL:
$ ronin irb
, Jµ ▓▓█▓
J▌ ▐▓██▌ ████ ██ ▐███D
╓▄▓▓█████▌ ██µ ████ ▄███ÖJ██▌ ███▌
,╓µ▄▄▄▄▄▄▄▄µ;, ,▄▓██████████ ▐███ ▐███▀ ███▌ ████µ ▄███
¬∞MÆ▓███████████████████████▓M ▄██████▀▀╙████▌ ████▌ ████ ▄███ J█████ ███▌
`█████▀▀▀▀▀███████ -████▀└ ████ ▐█████n ▄███O ███▌ ██████████
▓████L ████▀ ▓████ ▓███Ö ███████ ███▌ ▓███ ▐█████████▀
▄████▀ ,╓▄▄▄█████ J████Ü ,███▌ ▄███████████ J███▀ ████ █████
J█████████████████─ ████▌ ████ ████`██████▌ ████ ▐███Ü ▐███Ü
███████████▀▀▀╙└ ▐████ J███▌ ▓███▌ ²█████ J███Ü ███▌ ▀█▌
▓██████████▌ ████▌ ████ ;████ ▀███▀ ███▌ J▀▀▀- █
▄█████▀ ▀█████µ ▐████ ,▄▓████▀ ████▀ ███ J███ `
J█████- ╙▀███▄ ████████████▀╙ J█▀▀▀ █U ▀█▌
████▀ ▀███ ▄████████▀▀ ╨ █
▓██▀ ²▀█▄ █▀▀▀╙└
▄██╜ ╙W
J█▀
▌└
┘
irb(ronin)>
Starts and opens the interactive Web UI for Ronin:
$ ronin-app
Binary
Hexdumps data in a variety of formats:
$ ronin hexdump /bin/ls
Un-hexdumps a hexdump file back into it's original raw binary data:
$ ronin unhexdump -o data.bin hexdump.txt
Print all printable strings from a file:
$ ronin strings /bin/ls
Print all alphabetic strings from a file:
$ ronin strings --alpha /bin/ls
Print all alpha-numeric strings from a file:
$ ronin strings --alpha-num /bin/ls
Print all numeric strings from a file:
$ ronin strings --numeric /bin/ls
Print all hexadecimal strings from a file:
$ ronin strings --hex /bin/ls
Enumerate through all of the Bit-flips of a domain name:
$ ronin bitflip microsoft --alpha-num --append .com
licrosoft.com
oicrosoft.com
iicrosoft.com
eicrosoft.com
Microsoft.com
mhcrosoft.com
mkcrosoft.com
mmcrosoft.com
macrosoft.com
mycrosoft.com
...
Encoding
Base64 encode a string:
$ ronin encode --base64 --string "foo bar baz"
Zm9vIGJhciBiYXo=
Zlib compresses, Base64 encodes, and then URI encode a string:
$ ronin encode --zlib --base64 --uri --string "foo bar"
%65%4A%78%4C%79%38%39%58%53%45%6F%73%41%67%41%4B%63%41%4B%61%0A
Base64 decode a string:
$ ronin decode --base64 --string "Zm9vIGJhciBiYXo="
foo bar baz
URI decode, Base64 decode, and then zlib inflates a string:
$ ronin decode --uri --base64 --zlib --string "%65%4A%78%4C%79%38%39%58%53%45%6F%73%41%67%41%4B%63%41%4B%61%0A"
foo bar
URI escape a string:
$ ronin escape --uri --string "foo bar"
foo%20bar
URI unescape a string:
$ ronin unescape --uri --string "foo%20bar"
foo bar
Convert a file into a quoted C string:
$ ronin quote --c file.bin
"..."
Convert a file into a quoted JavaScript string:
$ ronin quote --js file.bin
Unquote a C string:
$ ronin unquote --c --string '"\x66\x6f\x6f\x20\x62\x61\x72"'
foo bar
Text
Extract high-entropy data from a file:
$ ronin entropy -e 5.0 index.html
Grep for common patterns of data:
$ ronin grep --hash index.html
Extract common patterns from data:
$ ronin extract --hash index.html
Generate a random typo of a word:
$ ronin typo microsoft
microssoft
Enumerate over every typo variation of a word:
$ ronin typo --enum microsoft
microosoft
microsooft
microssoft
Generate a random homoglyph version of a word:
$ ronin homoglyph CEO
CEO
Enumerate over every homoglyph variation of a word:
$ ronin homoglyph --enum CEO
ϹEO
СEO
ⅭEO
CEO
CΕO
CЕO
CEO
CEΟ
CEО
CEO
Syntax-highlights a file:
$ ronin highlight index.html
Cryptography
AES-256 encrypt a file:
$ ronin encrypt --cipher aes-256-cbc --password "..." file.txt > encrypted.bin
Decrypt data:
$ ronin decrypt --cipher aes-256-cbc --password "..." encrypted.bin
Generates a HMAC for a file:
$ ronin hmac --hash sha1 --password "too many secrets" data.txt
Generates a HMAC for a string:
$ ronin hmac --hash sha1 --password "too many secrets" --string "..."
Calculate an MD5 checksum of a string:
$ ronin md5 --string "hello world"
5eb63bbbe01eeed093cb22bb8f5acdc3
Calculate the MD5 checksum of a file:
$ ronin md5 file.txt
Calculate the MD5 checksum of every line in a file:
$ ronin md5 --multiline file.txt
Calculate an SHA1 checksum of a string:
$ ronin sha1 --string "hello world"
2aae6c35c94fcfb415dbe95f408b9ce91ee846ed
Calculate the SHA1 checksum of a file:
$ ronin sha1 file.txt
Calculate the SHA1 checksum of every line in a file:
$ ronin sha1 --multiline file.txt
Calculate an SHA256 checksum of a string:
$ ronin sha256 --string "hello world"
b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9
Calculate the SHA256 checksum of a file:
$ ronin sha256 file.txt
Calculate the SHA256 checksum of every line in a file:
$ ronin sha256 --multiline file.txt
Calculate an SHA512 checksum of a string:
$ ronin sha512 --string "hello world"
309ecc489c12d6eb4cc40f50c902f2b4d0ed77ee511a7c7a9bcd3ca86d4cd86f989dd35bc5ff499670da34255b45b0cfd830e81f605dcf7dc5542e93ae9cd76f
Calculate the SHA512 checksum of a file:
$ ronin sha512 file.txt
Calculate the SHA512 checksum of every line in a file:
$ ronin sha512 --multiline file.txt
ROT-13 encodes a string:
$ ronin rot --string "The quick brown fox jumps over the lazy dog"
Gur dhvpx oebja sbk whzcf bire gur ynml qbt
XOR encodes a string:
$ ronin xor --key ABC --string "The quick brown fox jumps over the lazy dog"
"\x15*&a36(!(a 1.5-a$,9b)4/32b,7'1a6+$b/ 8:a&,&"
Networking
Query the ASN of an
