Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ronin-rb/ronin-vulns
Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), and Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
https://github.com/ronin-rb/ronin-vulns
hacktoberfest lfi open-redirect pentest-tool pentesting rfi ronin-rb ruby security sql-injection sqli ssti vulnerability-detection vulnerability-scanners web-security xss
Last synced: 21 days ago
JSON representation
Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), and Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
- Host: GitHub
- URL: https://github.com/ronin-rb/ronin-vulns
- Owner: ronin-rb
- License: lgpl-3.0
- Created: 2022-09-03T03:57:17.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2024-08-28T21:29:58.000Z (4 months ago)
- Last Synced: 2024-10-29T14:22:28.447Z (about 1 month ago)
- Topics: hacktoberfest, lfi, open-redirect, pentest-tool, pentesting, rfi, ronin-rb, ruby, security, sql-injection, sqli, ssti, vulnerability-detection, vulnerability-scanners, web-security, xss
- Language: Ruby
- Homepage: https://ronin-rb.dev
- Size: 405 KB
- Stars: 61
- Watchers: 3
- Forks: 16
- Open Issues: 12
-
Metadata Files:
- Readme: README.md
- Changelog: ChangeLog.md
- License: COPYING.txt
Awesome Lists containing this project
- awesome-hacking-lists - ronin-rb/ronin-vulns - Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), and Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects. (Ruby)
README
# ronin-vulns
[](https://github.com/ronin-rb/ronin-vulns/actions/workflows/ruby.yml)
[](https://codeclimate.com/github/ronin-rb/ronin-vulns)
[](https://badge.fury.io/rb/ronin-vulns)
* [Website](https://ronin-rb.dev/)
* [Source](https://github.com/ronin-rb/ronin-vulns)
* [Issues](https://github.com/ronin-rb/ronin-vulns/issues)
* [Documentation](https://ronin-rb.dev/docs/ronin-vulns/frames)
* [Discord](https://discord.gg/6WAb3PsVX9) |
[Mastodon](https://infosec.exchange/@ronin_rb)
## Description
ronin-vulns is a Ruby library for blind vulnerability testing. It currently
supports testing for Local File Inclusion (LFI), Remote File Inclusion (RFI),
SQL injection (SQLi), reflective Cross Site Scripting (XSS), Server Side
Template Injection (SSTI), and Open Redirects.
ronin-vulns is part of the [ronin-rb] project, a [Ruby] toolkit for security
research and development.
## Features
* Supports testing for:
* Local File Inclusion (LFI)
* Remote File Inclusion (RFI)
* PHP
* ASP Class / ASP.NET
* JSP
* ColdFusion
* Perl
* SQL Injection (SQLi)
* Reflected Cross Site Scripting (XSS)
* Server Side Template Injection (SSTI)
* Open Redirects
* Supports testing:
* URL query parameters.
* HTTP Headers.
* HTTP `Cookie` parameters.
* Form parameters.
* Has 96% documentation coverage.
* Has 99% test coverage.
## Synopsis
```
Usage: ronin-vulns [options] [COMMAND [ARGS...]]
Options:
-h, --help Print help information
Arguments:
[COMMAND] The command name to run
[ARGS ...] Additional arguments for the command
Commands:
completion
help
irb
lfi
open-redirect
reflected-xss, xss
rfi
scan
sqli
ssti
```
Test a URL for any web vulnerabilities:
```shell
$ ronin-vulns scan "http://www.example.com/page.php?lang=en"
```
Test a URL for Remote File Inclusion (RFI):
```shell
$ ronin-vulns rfi "http://www.example.com/page.php?lang=en"
```
Test a URL for Local File Inclusion (LFI):
```shell
$ ronin-vulns lfi "http://www.example.com/page.php?lang=en"
```
Test a URL for SQL injection (SQLi):
```shell
$ ronin-vulns sqli "http://testphp.vulnweb.com/listproducts.php?cat=1"
```
Test a URL for Server Side Template Injection (SSTI):
```shell
$ ronin-vulns sqli "http://www.example.com/page.php?lang=en"
```
Test a URL for Open Redirects:
```shell
$ ronin-vulns open-redirect "http://www.example.com/page.php?lang=en"
```
Test a URL for reflected Cross Site Scripting (XSS):
```shell
$ ronin-vulns reflected-xss "http://www.example.com/page.php?lang=en"
```
## Examples
Test a URL for any web vulnerability:
```ruby
require 'ronin/vulns/url_scanner'
vuln = Ronin::Vulns::URLScanner.test('http://www.example.com/page.php?lang=en')
# => #
```
Scan a URL for all web vulnerabilities:
```ruby
require 'ronin/vulns/url_scanner'
vulns = Ronin::Vulns::URLScanner.scan('http://www.example.com/page.php?lang=en')
do |vuln|
puts "Found #{vuln.class} on #{vuln.url} query param #{vuln.query_param}"
end
# => [#, #, ...]
```
### Remote File Inclusion (RFI)
Test a URL for Remote File Inclusion (RFI):
```ruby
require 'ronin/vulns/rfi'
vuln = Ronin::Vulns::RFI.test('http://www.example.com/page.php?lang=en')
# => #
```
Finds all Remote File Inclusion (RFI) vulnerabilities for a given URL:
```ruby
vulns = Ronin::Vulns::RFI.scan('http://www.example.com/page.php?lang=en')
# => [#, ...]
vulns = Ronin::Vulns::RFI.scan('http://www.example.com/page.php?lang=en') do |vuln|
puts "Found RFI on #{vuln.url} query param #{vuln.query_param}"
end
# => [#, ...]
```
### Local File Inclusion (LFI)
Test a URL for Local File Inclusion (LFI):
```ruby
require 'ronin/vulns/lfi'
vuln = Ronin::Vulns::LFI.test('http://www.example.com/page.php?lang=en')
# => #
```
Finds all Local File Inclusion (LFI) vulnerabilities for a given URL:
```ruby
vulns = Ronin::Vulns::LFI.scan('http://www.example.com/page.php?lang=en')
# => [#, ...]
vulns = Ronin::Vulns::LFI.scan('http://www.example.com/page.php?lang=en') do |vuln|
puts "Found LFI on #{vuln.url} query param #{vuln.query_param}"
end
```
### SQL Injection (SQLI)
Test a URL for SQL Injection (SQLi):
```ruby
require 'ronin/vulns/sqli'
vuln = Ronin::Vulns::SQLI.test('http://testphp.vulnweb.com/listproducts.php?cat=1')
# => #
```
Finds all Server Side Template Injection (SQLI) vulnerabilities for a given URL:
```ruby
vulns = Ronin::Vulns::SQLI.scan('http://testphp.vulnweb.com/listproducts.php?cat=1')
# => [#, ...]
vulns = Ronin::Vulns::SQLI.scan('http://testphp.vulnweb.com/listproducts.php?cat=1') do |vuln|
puts "Found SQLi on #{vuln.url} query param #{vuln.query_param}"
end
# => [#, ...]
```
### Server Side Template Injection (SSTI)
Test a URL for Server Side Template Injection (SSTI):
```ruby
require 'ronin/vulns/ssti'
vuln = Ronin::Vulns::SSTI.test('http://www.example.com/page.php?lang=en')
# => #
```
Finds all Server Side Template Injection (SSTI) vulnerabilities for a given URL:
```ruby
vulns = Ronin::Vulns::SSTI.scan('http://www.example.com/page.php?lang=en')
# => [#, ...]
vulns = Ronin::Vulns::SSTI.scan('http://www.example.com/page.php?lang=en') do |vuln|
puts "Found SSTI on #{vuln.url} query param #{vuln.query_param}"
end
# => [#, ...]
```
### Reflected Cross Site Scripting (XSS)
Test a URL for an (Reflected) Cross Site Scripting (XSS) vulnerability:
```ruby
require 'ronin/vulns/reflected_xss'
vuln = Ronin::Vulns::ReflectedXSS.test('http://www.example.com/page.php?lang=en')
# => #
```
Finds all (Reflected) Cross Site Scripting (XSS) vulnerabilities for a given
URL:
```ruby
vulns = Ronin::Vulns::ReflectedXSS.scan('http://www.example.com/page.php?lang=en')
# => [#, ...]
vulns = Ronin::Vulns::ReflectedXSS.scan('http://www.example.com/page.php?lang=en') do |vuln|
puts "Found ReflectedXSS on #{vuln.url} query param #{vuln.query_param}"
end
# => [#, ...]
```
### Open Redirect
Test a URL for an Open Redirect vulnerability:
```ruby
require 'ronin/vulns/open_redirect'
vuln = Ronin::Vulns::OpenRedirect.test('http://www.example.com/page.php?lang=en')
# => #
```
Finds all Open Redirect vulnerabilities for a given URL:
```ruby
vulns = Ronin::Vulns::OpenRedirect.scan('http://www.example.com/page.php?lang=en')
# => [#, ...]
vulns = Ronin::Vulns::OpenRedirect.scan('http://www.example.com/page.php?lang=en') do |vuln|
puts "Found OpenRedirect on #{vuln.url} query param #{vuln.query_param}"
end
# => [#, ...]
```
## Requirements
* [Ruby] >= 3.0.0
* [ronin-support] ~> 1.0
* [ronin-core] ~> 0.2
* [ronin-db] ~> 0.2
## Install
```shell
$ gem install ronin-vulns
```
### Gemfile
```ruby
gem 'ronin-vulns', '~> 0.1'
```
### gemspec
```ruby
gem.add_dependency 'ronin-vulns', '~> 0.1'
```
## Development
1. [Fork It!](https://github.com/ronin-rb/ronin-vulns/fork)
2. Clone It!
3. `cd ronin-vulns/`
4. `./scripts/setup`
5. `git checkout -b my_feature`
6. Code It!
7. `bundle exec rake spec`
8. `git push origin my_feature`
## License
Copyright (c) 2022-2024 Hal Brodigan (postmodern.mod3 at gmail.com)
ronin-vulns is free software: you can redistribute it and/or modify
it under the terms of the GNU Lesser General Public License as published
by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
ronin-vulns is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with ronin-vulns. If not, see .
[Ruby]: https://www.ruby-lang.org
[ronin-rb]: https://ronin-rb.dev
[ronin-support]: https://github.com/ronin-rb/ronin-support#readme
[ronin-core]: https://github.com/ronin-rb/ronin-core#readme
[ronin-db]: https://github.com/ronin-rb/ronin-db#readme