• Website
• Discord | Mastodon

Ronin is a free and Open Source Ruby toolkit for security research and development. Ronin contains many different CLI commands and Ruby libraries for a variety of security tasks, such as encoding/decoding data, filter IPs/hosts/URLs, querying ASNs, querying DNS, HTTP, scanning for web vulnerabilities, spidering websites, install 3rd party repositories of exploits and/or payloads, run exploits, write new exploits, managing local databases, fuzzing data, and much more.

• ronin - A Ruby toolkit for security research and development.
• ronin-support - A support library for ronin-rb.
• ronin-support-web - [WIP] A web support library for ronin-rb.
• ronin-core - A core library for all ronin libraries.
• ronin-repos - Third-party git repository support for ronin.
• ronin-fuzzer - A highly configurable fuzzing library and CLI for Ruby.
• ronin-db - A common database library for managing and querying security data.
• ronin-db-activerecord - ActiveRecord backend for the Ronin Database.
• ronin-dns-proxy - A configurable DNS proxy server library.
• ronin-listener - A small CLI utility for receiving exfiltrated data over DNS or HTTP.
• ronin-listener-dns - A DNS server for receiving exfiltrated data sent via DNS queries. ronin-listener-dns can be used to test for XML external entity (XXE) injection
• ronin-listener-http - A HTTP server for receiving exfiltrated data sent via HTTP requests.
• ronin-web - A collection of common web security commands and libraries.
• ronin-web-browser - [WIP] A Ruby library for automating the Chrome web browser.
• ronin-web-server - A custom Ruby web server based on Sinatra.
• ronin-web-spider - A collection of common web spidering routines.
• ronin-web-user_agents - Generates random but realistic User-Agent strings.
• ronin-code-asm - A Ruby DSL for crafting Assmebly programs and Shellcode.
• ronin-code-sql - A Ruby DSL for crafting SQL Injections.
• ronin-vulns - Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
  • vuln-apps - A collection of simple vulnerable web apps for testing vulnerability scanners or educational purposes.
• ronin-post_ex - Ruby API for Post-Exploitation.
• ronin-payloads - A Ruby micro-framework for writing and running exploit payloads.
• ronin-exploits - A Ruby micro-framework for writing and running exploits and payloads.
• ronin-wordlists - [WIP] A library and tool for managing wordlists.
• ronin-brute - [WIP] A micro-framework and tool for bruteforcing credentials.
  • bruteforceables - A collection of bruteforceable apps and servers. Useful for testing network bruteforcers.
• ronin-nmap - [WIP] A Ruby library for working with nmap.
• ronin-masscan - [WIP] A Ruby library for working with masscan.
• ronin-recon - [WIP] A micro-framework and tool for performing reconnaissance.
• docker - Dockerfiles for the ronin docker images.
• scripts - The ronin-install.sh installer script and the ronin-dev.sh development environment setup script.
• ronin-rb.github.io - The website.