{"id":13845949,"url":"https://github.com/ronin-rb/ronin-vulns","last_synced_at":"2025-04-05T10:10:23.662Z","repository":{"id":65148387,"uuid":"532149311","full_name":"ronin-rb/ronin-vulns","owner":"ronin-rb","description":"Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI),   SQL injection (SQLi), and Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.","archived":false,"fork":false,"pushed_at":"2024-08-28T21:29:58.000Z","size":415,"stargazers_count":61,"open_issues_count":12,"forks_count":16,"subscribers_count":3,"default_branch":"main","last_synced_at":"2024-10-29T14:22:28.447Z","etag":null,"topics":["hacktoberfest","lfi","open-redirect","pentest-tool","pentesting","rfi","ronin-rb","ruby","security","sql-injection","sqli","ssti","vulnerability-detection","vulnerability-scanners","web-security","xss"],"latest_commit_sha":null,"homepage":"https://ronin-rb.dev","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"lgpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ronin-rb.png","metadata":{"files":{"readme":"README.md","changelog":"ChangeLog.md","contributing":null,"funding":null,"license":"COPYING.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"open_collective":"ronin-rb","patreon":"roninrb"}},"created_at":"2022-09-03T03:57:17.000Z","updated_at":"2024-10-20T03:50:54.000Z","dependencies_parsed_at":"2023-02-17T23:45:40.348Z","dependency_job_id":"a7d13403-4908-4989-b1e3-e6a77002f68a","html_url":"https://github.com/ronin-rb/ronin-vulns","commit_stats":{"total_commits":283,"total_committers":3,"mean_commits":94.33333333333333,"dds":0.007067137809187329,"last_synced_commit":"fb244f341f43cb37cb1969ce7fcbc31566ebb6cf"},"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ronin-rb%2Fronin-vulns","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ronin-rb%2Fronin-vulns/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ronin-rb%2Fronin-vulns/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ronin-rb%2Fronin-vulns/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ronin-rb","download_url":"https://codeload.github.com/ronin-rb/ronin-vulns/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247199944,"owners_count":20900363,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hacktoberfest","lfi","open-redirect","pentest-tool","pentesting","rfi","ronin-rb","ruby","security","sql-injection","sqli","ssti","vulnerability-detection","vulnerability-scanners","web-security","xss"],"created_at":"2024-08-04T17:04:12.057Z","updated_at":"2025-04-05T10:10:23.623Z","avatar_url":"https://github.com/ronin-rb.png","language":"Ruby","funding_links":["https://opencollective.com/ronin-rb","https://patreon.com/roninrb"],"categories":["Ruby"],"sub_categories":[],"readme":"# ronin-vulns\n\n[![CI](https://github.com/ronin-rb/ronin-vulns/actions/workflows/ruby.yml/badge.svg)](https://github.com/ronin-rb/ronin-vulns/actions/workflows/ruby.yml)\n[![Code Climate](https://codeclimate.com/github/ronin-rb/ronin-vulns.svg)](https://codeclimate.com/github/ronin-rb/ronin-vulns)\n[![Gem Version](https://badge.fury.io/rb/ronin-vulns.svg)](https://badge.fury.io/rb/ronin-vulns)\n\n* [Website](https://ronin-rb.dev/)\n* [Source](https://github.com/ronin-rb/ronin-vulns)\n* [Issues](https://github.com/ronin-rb/ronin-vulns/issues)\n* [Documentation](https://ronin-rb.dev/docs/ronin-vulns/frames)\n* [Discord](https://discord.gg/6WAb3PsVX9) |\n  [Mastodon](https://infosec.exchange/@ronin_rb)\n\n## Description\n\nronin-vulns is a Ruby library for blind vulnerability testing. It currently\nsupports testing for Local File Inclusion (LFI), Remote File Inclusion (RFI),\nSQL injection (SQLi), reflective Cross Site Scripting (XSS), Server Side\nTemplate Injection (SSTI), and Open Redirects.\n\nronin-vulns is part of the [ronin-rb] project, a [Ruby] toolkit for security\nresearch and development.\n\n## Features\n\n* Supports testing for:\n  * Local File Inclusion (LFI)\n  * Remote File Inclusion (RFI)\n    * PHP\n    * ASP Class / ASP.NET\n    * JSP\n    * ColdFusion\n    * Perl\n  * SQL Injection (SQLi)\n  * Reflected Cross Site Scripting (XSS)\n  * Server Side Template Injection (SSTI)\n  * Open Redirects\n* Supports testing:\n  * URL query parameters.\n  * HTTP Headers.\n  * HTTP `Cookie` parameters.\n  * Form parameters.\n* Has 96% documentation coverage.\n* Has 99% test coverage.\n\n## Synopsis\n\n```\nUsage: ronin-vulns [options] [COMMAND [ARGS...]]\n\nOptions:\n    -h, --help                       Print help information\n\nArguments:\n    [COMMAND]                        The command name to run\n    [ARGS ...]                       Additional arguments for the command\n\nCommands:\n    completion\n    help\n    irb\n    lfi\n    open-redirect\n    reflected-xss, xss\n    rfi\n    scan\n    sqli\n    ssti\n```\n\nTest a URL for any web vulnerabilities:\n\n```shell\n$ ronin-vulns scan \"http://www.example.com/page.php?lang=en\"\n```\n\nTest a URL for Remote File Inclusion (RFI):\n\n```shell\n$ ronin-vulns rfi \"http://www.example.com/page.php?lang=en\"\n```\n\nTest a URL for Local File Inclusion (LFI):\n\n```shell\n$ ronin-vulns lfi \"http://www.example.com/page.php?lang=en\"\n```\n\nTest a URL for SQL injection (SQLi):\n\n```shell\n$ ronin-vulns sqli \"http://testphp.vulnweb.com/listproducts.php?cat=1\"\n```\n\nTest a URL for Server Side Template Injection (SSTI):\n\n```shell\n$ ronin-vulns sqli \"http://www.example.com/page.php?lang=en\"\n```\n\nTest a URL for Open Redirects:\n\n```shell\n$ ronin-vulns open-redirect \"http://www.example.com/page.php?lang=en\"\n```\n\nTest a URL for reflected Cross Site Scripting (XSS):\n\n```shell\n$ ronin-vulns reflected-xss \"http://www.example.com/page.php?lang=en\"\n```\n\n## Examples\n\nTest a URL for any web vulnerability:\n\n```ruby\nrequire 'ronin/vulns/url_scanner'\n\nvuln = Ronin::Vulns::URLScanner.test('http://www.example.com/page.php?lang=en')\n# =\u003e #\u003cRonin::Vulns::SQLI: ...\u003e\n```\n\nScan a URL for all web vulnerabilities:\n\n```ruby\nrequire 'ronin/vulns/url_scanner'\n\nvulns = Ronin::Vulns::URLScanner.scan('http://www.example.com/page.php?lang=en')\ndo |vuln|\n  puts \"Found #{vuln.class} on #{vuln.url} query param #{vuln.query_param}\"\nend\n# =\u003e [#\u003cRonin::Vulns::SQLI: ...\u003e, #\u003cRonin::Vulns::ReflectedXSS: ...\u003e, ...]\n```\n\n### Remote File Inclusion (RFI)\n\nTest a URL for Remote File Inclusion (RFI):\n\n```ruby\nrequire 'ronin/vulns/rfi'\n\nvuln = Ronin::Vulns::RFI.test('http://www.example.com/page.php?lang=en')\n# =\u003e #\u003cRonin::Vulns::RFI: ...\u003e\n```\n\nFinds all Remote File Inclusion (RFI) vulnerabilities for a given URL:\n\n```ruby\nvulns = Ronin::Vulns::RFI.scan('http://www.example.com/page.php?lang=en')\n# =\u003e [#\u003cRonin::Vulns::RFI: ...\u003e, ...]\n\nvulns = Ronin::Vulns::RFI.scan('http://www.example.com/page.php?lang=en') do |vuln|\n  puts \"Found RFI on #{vuln.url} query param #{vuln.query_param}\"\nend\n# =\u003e [#\u003cRonin::Vulns::RFI: ...\u003e, ...]\n```\n\n### Local File Inclusion (LFI)\n\nTest a URL for Local File Inclusion (LFI):\n\n```ruby\nrequire 'ronin/vulns/lfi'\n\nvuln = Ronin::Vulns::LFI.test('http://www.example.com/page.php?lang=en')\n# =\u003e #\u003cRonin::Vulns::LFI: ...\u003e\n```\n\nFinds all Local File Inclusion (LFI) vulnerabilities for a given URL:\n\n```ruby\nvulns = Ronin::Vulns::LFI.scan('http://www.example.com/page.php?lang=en')\n# =\u003e [#\u003cRonin::Vulns::LFI: ...\u003e, ...]\n\nvulns = Ronin::Vulns::LFI.scan('http://www.example.com/page.php?lang=en') do |vuln|\n  puts \"Found LFI on #{vuln.url} query param #{vuln.query_param}\"\nend\n```\n\n### SQL Injection (SQLI)\n\nTest a URL for SQL Injection (SQLi):\n\n```ruby\nrequire 'ronin/vulns/sqli'\n\nvuln = Ronin::Vulns::SQLI.test('http://testphp.vulnweb.com/listproducts.php?cat=1')\n# =\u003e #\u003cRonin::Vulns::SQLI: ...\u003e\n```\n\nFinds all Server Side Template Injection (SQLI) vulnerabilities for a given URL:\n\n```ruby\nvulns = Ronin::Vulns::SQLI.scan('http://testphp.vulnweb.com/listproducts.php?cat=1')\n# =\u003e [#\u003cRonin::Vulns::SQLI: ...\u003e, ...]\n\nvulns = Ronin::Vulns::SQLI.scan('http://testphp.vulnweb.com/listproducts.php?cat=1') do |vuln|\n  puts \"Found SQLi on #{vuln.url} query param #{vuln.query_param}\"\nend\n# =\u003e [#\u003cRonin::Vulns::SQLI: ...\u003e, ...]\n```\n\n### Server Side Template Injection (SSTI)\n\nTest a URL for Server Side Template Injection (SSTI):\n\n```ruby\nrequire 'ronin/vulns/ssti'\n\nvuln = Ronin::Vulns::SSTI.test('http://www.example.com/page.php?lang=en')\n# =\u003e #\u003cRonin::Vulns::SSTI: ...\u003e\n```\n\nFinds all Server Side Template Injection (SSTI) vulnerabilities for a given URL:\n\n```ruby\nvulns = Ronin::Vulns::SSTI.scan('http://www.example.com/page.php?lang=en')\n# =\u003e [#\u003cRonin::Vulns::SSTI: ...\u003e, ...]\n\nvulns = Ronin::Vulns::SSTI.scan('http://www.example.com/page.php?lang=en') do |vuln|\n  puts \"Found SSTI on #{vuln.url} query param #{vuln.query_param}\"\nend\n# =\u003e [#\u003cRonin::Vulns::SSTI: ...\u003e, ...]\n```\n\n### Reflected Cross Site Scripting (XSS)\n\nTest a URL for an (Reflected) Cross Site Scripting (XSS) vulnerability:\n\n```ruby\nrequire 'ronin/vulns/reflected_xss'\n\nvuln = Ronin::Vulns::ReflectedXSS.test('http://www.example.com/page.php?lang=en')\n# =\u003e #\u003cRonin::Vulns::ReflectedXSS: ...\u003e\n```\n\nFinds all (Reflected) Cross Site Scripting (XSS) vulnerabilities for a given\nURL:\n\n```ruby\nvulns = Ronin::Vulns::ReflectedXSS.scan('http://www.example.com/page.php?lang=en')\n# =\u003e [#\u003cRonin::Vulns::ReflectedXSS: ...\u003e, ...]\n\nvulns = Ronin::Vulns::ReflectedXSS.scan('http://www.example.com/page.php?lang=en') do |vuln|\n  puts \"Found ReflectedXSS on #{vuln.url} query param #{vuln.query_param}\"\nend\n# =\u003e [#\u003cRonin::Vulns::ReflectedXSS: ...\u003e, ...]\n```\n\n### Open Redirect\n\nTest a URL for an Open Redirect vulnerability:\n\n```ruby\nrequire 'ronin/vulns/open_redirect'\n\nvuln = Ronin::Vulns::OpenRedirect.test('http://www.example.com/page.php?lang=en')\n# =\u003e #\u003cRonin::Vulns::OpenRedirect: ...\u003e\n```\n\nFinds all Open Redirect vulnerabilities for a given URL:\n\n```ruby\nvulns = Ronin::Vulns::OpenRedirect.scan('http://www.example.com/page.php?lang=en')\n# =\u003e [#\u003cRonin::Vulns::OpenRedirect: ...\u003e, ...]\n\nvulns = Ronin::Vulns::OpenRedirect.scan('http://www.example.com/page.php?lang=en') do |vuln|\n  puts \"Found OpenRedirect on #{vuln.url} query param #{vuln.query_param}\"\nend\n# =\u003e [#\u003cRonin::Vulns::OpenRedirect: ...\u003e, ...]\n```\n\n## Requirements\n\n* [Ruby] \u003e= 3.0.0\n* [base64] ~\u003e 0.1\n* [ronin-support] ~\u003e 1.0\n* [ronin-core] ~\u003e 0.2\n* [ronin-db] ~\u003e 0.2\n\n## Install\n\n```shell\n$ gem install ronin-vulns\n```\n\n### Gemfile\n\n```ruby\ngem 'ronin-vulns', '~\u003e 0.1'\n```\n\n### gemspec\n\n```ruby\ngem.add_dependency 'ronin-vulns', '~\u003e 0.1'\n```\n\n## Development\n\n1. [Fork It!](https://github.com/ronin-rb/ronin-vulns/fork)\n2. Clone It!\n3. `cd ronin-vulns/`\n4. `./scripts/setup`\n5. `git checkout -b my_feature`\n6. Code It!\n7. `bundle exec rake spec`\n8. `git push origin my_feature`\n\n## License\n\nCopyright (c) 2022-2025 Hal Brodigan (postmodern.mod3 at gmail.com)\n\nronin-vulns is free software: you can redistribute it and/or modify\nit under the terms of the GNU Lesser General Public License as published\nby the Free Software Foundation, either version 3 of the License, or\n(at your option) any later version.\n\nronin-vulns is distributed in the hope that it will be useful,\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\nGNU Lesser General Public License for more details.\n\nYou should have received a copy of the GNU Lesser General Public License\nalong with ronin-vulns.  If not, see \u003chttps://www.gnu.org/licenses/\u003e.\n\n[Ruby]: https://www.ruby-lang.org\n[ronin-rb]: https://ronin-rb.dev\n\n[base64]: https://github.com/ruby/base64#readme\n[ronin-support]: https://github.com/ronin-rb/ronin-support#readme\n[ronin-core]: https://github.com/ronin-rb/ronin-core#readme\n[ronin-db]: https://github.com/ronin-rb/ronin-db#readme\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fronin-rb%2Fronin-vulns","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fronin-rb%2Fronin-vulns","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fronin-rb%2Fronin-vulns/lists"}