ronin-app
ronin-app is a small web application that is meant to be run locally by the
user. It provides a web interface to ronin-support, ronin-repos, ronin-db,
ronin-payloads, and ronin-exploits, as well as automating
ronin-nmap, ronin-masscan, ronin-web-spider, ronin-recon, and
ronin-vulns.
Features
Screenshots
Synopsis
Usage: ronin-app [options]
Options:
-V, --version Prints the version and exits
-H, --host IP The host to listen on (Default: localhost)
-p, --port PORT The port to listen on (Default: 1337)
--db NAME The ronin-db database to connect to
--db-uri URI The ronin-db database URI to connect to
-h, --help Print help information
Starts the ronin web app
$ ronin-app
Note: the ronin-app command will automatically open a browser for
http://localhost:1337, if run in a real terminal.
Requirements
Note: both nmap and masscan require additional Linux capabilities in
order to be run without sudo or root privileges. File capabilities set
this way apply to every local user who can execute the binary, and they
are lost whenever the binary is replaced (for example by a package
upgrade), so re-run the commands after upgrading either tool.
sudo setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip "$(which nmap)"
sudo setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip "$(which masscan)"
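To confirm that the two setcap commands above took effect (and to notice when a package upgrade has silently dropped them), here is an added example in Ruby that is not part of ronin-app. It relies only on the Ruby standard library and the getcap(8) utility from libcap; the required capability list and the two getcap output formats it parses are taken from what the commands above grant and from libcap's old and new output styles.

```ruby
# Added example, not part of ronin-app: verify that nmap and masscan carry the
# file capabilities granted by the setcap commands in the README.
require 'open3'

REQUIRED_CAPS = %w[cap_net_raw cap_net_admin cap_net_bind_service].freeze

# Parse one line of getcap output into a sorted list of capability names.
# Both output styles are handled:
#   libcap < 2.41:  /usr/bin/nmap = cap_net_admin,cap_net_bind_service,cap_net_raw+eip
#   libcap >= 2.41: /usr/bin/nmap cap_net_admin,cap_net_bind_service,cap_net_raw=eip
# An empty line (a binary without capabilities) yields an empty list.
def caps_from_getcap_line(line)
  spec = line.to_s.strip
             .sub(/\A\S+\s*=?\s*/, '')   # drop the path and the old-style " = "
             .sub(/[+=][a-z]*\z/, '')     # drop the flag suffix (+eip or =eip)
  spec.split(',').map(&:strip).reject(&:empty?).sort
end

# Capabilities from REQUIRED_CAPS that are absent from +present+.
def missing_caps(present)
  REQUIRED_CAPS - present
end

# Locate +name+ on PATH (what `which` does); nil if it is not installed.
def find_executable(name)
  ENV.fetch('PATH', '').split(File::PATH_SEPARATOR).each do |dir|
    candidate = File.join(dir, name)
    return candidate if File.file?(candidate) && File.executable?(candidate)
  end
  nil
end

# Run getcap on the binary and report what is missing. Returns
# [:ok, caps], [:missing, caps] or [:error, message].
def check_binary(name)
  path = find_executable(name)
  return [:error, "#{name}: not found in PATH"] unless path

  begin
    out, status = Open3.capture2('getcap', path)
  rescue Errno::ENOENT
    return [:error, 'getcap not available; install the libcap utilities']
  end
  return [:error, "getcap failed on #{path}"] unless status.success?

  present = caps_from_getcap_line(out.lines.first)
  missing = missing_caps(present)
  missing.empty? ? [:ok, present] : [:missing, missing]
end

if $PROGRAM_NAME == __FILE__
  %w[nmap masscan].each do |bin|
    state, detail = check_binary(bin)
    case state
    when :ok      then puts "#{bin}: ok (#{detail.join(',')})"
    when :missing then puts "#{bin}: missing #{detail.join(',')}; run: " \
                           "sudo setcap #{REQUIRED_CAPS.join(',')}+eip \"$(which #{bin})\""
    else               puts detail
    end
  end
end
```

Run it after the setcap commands; a binary that prints as missing has either never been granted the capabilities or has been replaced since.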
Security
- This app is intended to be run locally. Keep the default --host of
localhost; binding to another address with -H/--host exposes the app to
every host that can reach that interface.
- All HTML output is escaped with Rack::Utils.escape_html.
- All HTTP params are validated using dry-validation.
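The two controls listed above, shown as an added example that is not ronin-app's code. It uses only the Ruby standard library: CGI.escapeHTML stands in for Rack::Utils.escape_html, and a hand-written validator stands in for a dry-validation contract. The param names (host, port) and the rules are assumptions chosen to illustrate a scan target form, not ronin-app's actual contract.

```ruby
# Added example, not ronin-app's code. Stdlib stand-ins are used for the two
# controls named in the README's Security section.
require 'cgi'
require 'erb'
require 'ipaddr'

# 1. Output escaping. The same user-supplied value rendered raw (the bug)
#    and escaped (the fix). Rack::Utils.escape_html serves the same purpose
#    as CGI.escapeHTML here.
UNSAFE_TEMPLATE = ERB.new('<td><%= target %></td>')                 # raw interpolation
SAFE_TEMPLATE   = ERB.new('<td><%= CGI.escapeHTML(target) %></td>')  # escaped

def render_unsafe(target)
  UNSAFE_TEMPLATE.result_with_hash(target: target)
end

def render_safe(target)
  SAFE_TEMPLATE.result_with_hash(target: target)
end

# 2. Param validation. Accept only a hostname or IP literal and a port in
#    1..65535, so that a value such as "-sV" (which a scanner would parse as
#    an option) or "10.0.0.1; id" never reaches the tool being automated.
#    With dry-validation the equivalent would be a Dry::Validation::Contract
#    whose params block declares required(:host).filled(:string) and
#    required(:port).filled(:integer) plus a rule for the host syntax.
HOSTNAME = /\A(?=.{1,253}\z)[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?(?:\.[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?)*\z/i

def valid_host?(value)
  return false unless value.is_a?(String)
  return true if HOSTNAME.match?(value)

  IPAddr.new(value) # accepts IPv4 and IPv6 literals, raises on anything else
  true
rescue IPAddr::Error
  false
end

def valid_port(value)
  str = value.to_s
  return nil unless str.match?(/\A\d{1,5}\z/) # digits only: no "0x50", no "80 "

  port = str.to_i
  (1..65535).cover?(port) ? port : nil
end

# Returns a result hash in the spirit of a dry-validation Result:
# { success: true/false, errors: {field => message}, values: coerced params }
def validate_params(params)
  errors = {}
  errors[:host] = 'must be a hostname or IP address' unless valid_host?(params['host'])
  port = valid_port(params['port'])
  errors[:port] = 'must be an integer between 1 and 65535' unless port

  {
    success: errors.empty?,
    errors: errors,
    values: errors.empty? ? { host: params['host'], port: port } : nil
  }
end

if $PROGRAM_NAME == __FILE__
  hostile = '<script>alert(1)</script>'
  puts "unsafe: #{render_unsafe(hostile)}"
  puts "safe:   #{render_safe(hostile)}"
  [{ 'host' => 'scanme.example', 'port' => '80' },
   { 'host' => '-sV', 'port' => '80' },
   { 'host' => '10.0.0.1; id', 'port' => '0x50' }].each do |p|
    puts "#{p.inspect} => #{validate_params(p).inspect}"
  end
end
```

The point of the validation half is that the check happens before the value is handed to anything else: a rejected request never builds a scanner command line, and a rejected host never reaches a view, escaped or not.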
Development
- Fork It!
- Clone It!
  cd ronin-app
  ./scripts/setup
  git checkout -b my_feature
- Code It!
- Test It - bundle exec rake spec
- Try It - ./scripts/server then visit http://localhost:1337/
- Push It - git push origin my_feature
docker-compose
You can also use docker-compose to build and run the app:
$ docker-compose build
$ docker-compose up
Directory Structure
- Gemfile - defines all gem dependencies.
- Procfile - defines the various services of the app that will be started.
- Procfile.dev - defines the various services of the app that will be started
  in development mode.
- config.ru - The main entry point for rackup/puma.
- config/ - Contains all app configuration files.
- lib/ronin/app/helpers/ - Contains all Sinatra helper modules which define
  methods that can be called within the views.
- app.rb - The main Rack app that contains HTTP routes.
- app/ - Contains sub-App classes that contain grouped HTTP routes.
- workers.rb - The main entry point for Sidekiq which loads all worker classes
  from lib/workers/.
- workers/ - Contains all Sidekiq worker classes.
- lib/ronin/app/types.rb - Defines custom dry-types.
- lib/ronin/app/types/ - Contains additional custom types.
- lib/ronin/app/validations/ - Contains dry-validations logic for validating
  submitted HTTP params.
- views/ - Contains all ERB views that are rendered by app.rb.
- views/layout.erb - The main page layout view.
- public/ - Contains all static assets (images, CSS stylesheets, and
  JavaScript).
- scripts/ - Contains scripts for setting up or starting the app.
License
Copyright (C) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
ronin-app is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
ronin-app is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with ronin-app. If not, see http://www.gnu.org/licenses/.