• Website
• Discord | Mastodon

Ronin is a free and Open Source Ruby toolkit for security research and development. Ronin contains many different CLI commands and Ruby libraries for a variety of security tasks, such as encoding/decoding data, filter IPs/hosts/URLs, querying ASNs, querying DNS, HTTP, scanning for web vulnerabilities, spidering websites, installing 3rd-party repositories of exploits and/or payloads, running exploits, developing new exploits, managing local databases, fuzzing data, performing recon, and much more.

• ronin - A Ruby toolkit for security research and development.
• ronin-support - A support library for ronin-rb.
• ronin-support-web - A web support library for ronin-rb.
• ronin-core - A core library for all ronin libraries.
• ronin-repos - Third-party git repository support for ronin.
• ronin-fuzzer - A highly configurable fuzzing library and CLI for Ruby.
• ronin-db - A common database library for managing and querying security data.
• ronin-db-activerecord - ActiveRecord backend for the Ronin Database.
• ronin-dns-proxy - A configurable DNS proxy server library.
• ronin-listener - A small CLI utility for receiving exfiltrated data over DNS or HTTP.
• ronin-listener-dns - A DNS server for receiving exfiltrated data sent via DNS queries. ronin-listener-dns can be used to test for XML external entity (XXE) injection
• ronin-listener-http - A HTTP server for receiving exfiltrated data sent via HTTP requests.
• ronin-web - A collection of common web security commands and libraries.
• ronin-web-browser - A Ruby library for automating the Chrome web browser.
• ronin-web-server - A custom Ruby web server based on Sinatra.
• ronin-web-spider - A collection of common web spidering routines.
• ronin-web-user_agents - Generates random but realistic User-Agent strings.
• ronin-code-asm - A Ruby DSL for crafting Assmebly programs and Shellcode.
• ronin-code-sql - A Ruby DSL for crafting SQL Injections.
• ronin-vulns - Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
  • vuln-apps - A collection of simple vulnerable web apps for testing vulnerability scanners or educational purposes.
• ronin-post_ex - Ruby API for Post-Exploitation.
• ronin-payloads - A Ruby micro-framework for writing and running exploit payloads.
• ronin-exploits - A Ruby micro-framework for writing and running exploits and payloads.
• ronin-wordlists - A library and tool for managing wordlists.
• ronin-brute - [WIP] A micro-framework and tool for bruteforcing credentials.
  • bruteforceables - A collection of bruteforceable apps and servers. Useful for testing network bruteforcers.
• ronin-nmap - A Ruby library for working with nmap.
• ronin-masscan - A Ruby library for working with masscan.
• ronin-recon - A micro-framework and tool for performing reconnaissance.
• docker - Dockerfiles for the ronin docker images.
• scripts - The ronin-install.sh installer script and the ronin-dev.sh development environment setup script.
• ronin-rb.github.io - The website.