ronin-app 0.1.0.rc1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.dockerignore +3 -0
- data/.document +6 -0
- data/.env.dev +1 -0
- data/.github/workflows/ruby.yml +44 -0
- data/.gitignore +16 -0
- data/.rspec +1 -0
- data/.rubocop.yml +26 -0
- data/.ruby-version +1 -0
- data/.yardopts +1 -0
- data/CONTRIBUTING.md +34 -0
- data/COPYING.txt +661 -0
- data/ChangeLog.md +38 -0
- data/Dockerfile +27 -0
- data/Gemfile +61 -0
- data/Procfile +2 -0
- data/Procfile.dev +2 -0
- data/README.md +215 -0
- data/Rakefile +44 -0
- data/app/db.rb +680 -0
- data/app/scanning.rb +173 -0
- data/app.rb +372 -0
- data/bin/ronin-app +34 -0
- data/config/database.rb +17 -0
- data/config/puma.rb +24 -0
- data/config/redis.rb +4 -0
- data/config/sidekiq.rb +23 -0
- data/config/sidekiq.yml +12 -0
- data/config.ru +33 -0
- data/docker-compose.yml +45 -0
- data/etc/systemd/user/ronin-app-sidekiq.1.service +17 -0
- data/etc/systemd/user/ronin-app-web.1.service +18 -0
- data/etc/systemd/user/ronin-app.target +5 -0
- data/gemspec.yml +55 -0
- data/lib/middleware/sidekiq/active_record_connection_pool.rb +47 -0
- data/lib/ronin/app/cli.rb +197 -0
- data/lib/ronin/app/helpers/html.rb +71 -0
- data/lib/ronin/app/root.rb +28 -0
- data/lib/ronin/app/schemas/params_schema.rb +66 -0
- data/lib/ronin/app/schemas/payloads/build_schema.rb +56 -0
- data/lib/ronin/app/schemas/payloads/encoders/encode_schema.rb +60 -0
- data/lib/ronin/app/types/import.rb +35 -0
- data/lib/ronin/app/types/nmap.rb +81 -0
- data/lib/ronin/app/types/spider.rb +49 -0
- data/lib/ronin/app/types/vulns.rb +69 -0
- data/lib/ronin/app/types.rb +66 -0
- data/lib/ronin/app/validations/import_params.rb +71 -0
- data/lib/ronin/app/validations/install_repo_params.rb +78 -0
- data/lib/ronin/app/validations/masscan_params.rb +122 -0
- data/lib/ronin/app/validations/nmap_params.rb +183 -0
- data/lib/ronin/app/validations/recon_params.rb +86 -0
- data/lib/ronin/app/validations/spider_params.rb +103 -0
- data/lib/ronin/app/validations/vulns_params.rb +83 -0
- data/lib/ronin/app/version.rb +26 -0
- data/log/.gitkeep +0 -0
- data/man/ronin-app.1 +63 -0
- data/man/ronin-app.1.md +61 -0
- data/public/images/favicon.png +0 -0
- data/public/images/favicon.svg +78 -0
- data/public/images/logo.svg +78 -0
- data/public/images/sidekiq.svg +24 -0
- data/public/javascript/app.js +60 -0
- data/public/javascript/notes.js +28 -0
- data/public/javascript/tabs.js +40 -0
- data/public/stylesheets/app.css +216 -0
- data/public/stylesheets/bulma.min.css +1 -0
- data/ronin-app.gemspec +63 -0
- data/scripts/console +7 -0
- data/scripts/server +134 -0
- data/scripts/setup +447 -0
- data/scripts/update +55 -0
- data/tmp/.gitkeep +0 -0
- data/views/_authors.erb +62 -0
- data/views/_delete.erb +4 -0
- data/views/_delete_all.erb +4 -0
- data/views/_encoding_tabs.erb +25 -0
- data/views/_notes.erb +33 -0
- data/views/_pagination.erb +1 -0
- data/views/_param_fields.erb +66 -0
- data/views/_params.erb +35 -0
- data/views/about.erb +30 -0
- data/views/db/advisories/index.erb +30 -0
- data/views/db/advisories/show.erb +105 -0
- data/views/db/asns/index.erb +19 -0
- data/views/db/asns/show.erb +61 -0
- data/views/db/credentials/index.erb +30 -0
- data/views/db/credentials/show.erb +51 -0
- data/views/db/email_addresses/index.erb +30 -0
- data/views/db/email_addresses/show.erb +44 -0
- data/views/db/host_names/index.erb +30 -0
- data/views/db/host_names/show.erb +52 -0
- data/views/db/ip_addresses/index.erb +19 -0
- data/views/db/ip_addresses/show.erb +98 -0
- data/views/db/mac_addresses/index.erb +19 -0
- data/views/db/mac_addresses/show.erb +62 -0
- data/views/db/open_ports/index.erb +19 -0
- data/views/db/open_ports/show.erb +87 -0
- data/views/db/organizations/departments/show.erb +82 -0
- data/views/db/organizations/index.erb +28 -0
- data/views/db/organizations/members/show.erb +87 -0
- data/views/db/organizations/show.erb +111 -0
- data/views/db/oses/index.erb +19 -0
- data/views/db/oses/show.erb +46 -0
- data/views/db/passwords/index.erb +30 -0
- data/views/db/passwords/show.erb +52 -0
- data/views/db/people/index.erb +31 -0
- data/views/db/people/show.erb +120 -0
- data/views/db/phone_numbers/index.erb +30 -0
- data/views/db/phone_numbers/show.erb +63 -0
- data/views/db/ports/index.erb +30 -0
- data/views/db/ports/show.erb +70 -0
- data/views/db/services/index.erb +30 -0
- data/views/db/services/show.erb +65 -0
- data/views/db/software/index.erb +19 -0
- data/views/db/software/show.erb +52 -0
- data/views/db/software_vendors/index.erb +19 -0
- data/views/db/software_vendors/show.erb +36 -0
- data/views/db/street_addresses/index.erb +19 -0
- data/views/db/street_addresses/show.erb +63 -0
- data/views/db/url_query_param_names/index.erb +19 -0
- data/views/db/url_query_param_names/show.erb +50 -0
- data/views/db/url_schemes/index.erb +19 -0
- data/views/db/url_schemes/show.erb +36 -0
- data/views/db/urls/index.erb +30 -0
- data/views/db/urls/show.erb +103 -0
- data/views/db/user_names/index.erb +30 -0
- data/views/db/user_names/show.erb +48 -0
- data/views/db/vulns/index.erb +19 -0
- data/views/db/vulns/show.erb +104 -0
- data/views/db.erb +152 -0
- data/views/exploits/index.erb +9 -0
- data/views/exploits/show.erb +100 -0
- data/views/import.erb +30 -0
- data/views/index.erb +7 -0
- data/views/layout.erb +98 -0
- data/views/masscan.erb +459 -0
- data/views/nmap.erb +1009 -0
- data/views/payloads/build.erb +19 -0
- data/views/payloads/encoders/encode.erb +35 -0
- data/views/payloads/encoders/index.erb +9 -0
- data/views/payloads/encoders/show.erb +47 -0
- data/views/payloads/index.erb +9 -0
- data/views/payloads/show.erb +47 -0
- data/views/queue.erb +28 -0
- data/views/recon.erb +55 -0
- data/views/repos/index.erb +30 -0
- data/views/repos/install.erb +45 -0
- data/views/repos/show.erb +39 -0
- data/views/spider.erb +372 -0
- data/views/vulns.erb +214 -0
- data/workers/import.rb +96 -0
- data/workers/install_repo.rb +40 -0
- data/workers/masscan.rb +135 -0
- data/workers/nmap.rb +216 -0
- data/workers/purge_repos.rb +40 -0
- data/workers/recon.rb +95 -0
- data/workers/remove_repo.rb +40 -0
- data/workers/spider.rb +148 -0
- data/workers/update_repo.rb +42 -0
- data/workers/update_repos.rb +40 -0
- data/workers/vulns.rb +111 -0
- data/workers.rb +37 -0
- metadata +538 -0
data/ChangeLog.md
ADDED
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
### 0.1.0 / 2024-XX-XX
|
|
2
|
+
|
|
3
|
+
* Initial release:
|
|
4
|
+
* Provides a web interface to explore and search the
|
|
5
|
+
[ronin database][ronin-db].
|
|
6
|
+
* Allows managing [ronin-repos] from the web interface.
|
|
7
|
+
* Allows listing and building the built-in or installed 3rd-party
|
|
8
|
+
[payloads][ronin-payloads].
|
|
9
|
+
* Allows listing installed 3rd-party [exploits][ronin-exploits].
|
|
10
|
+
* Supports automating [nmap] and [masscan] scans and importing their results
|
|
11
|
+
into the [ronin database][ronin-db].
|
|
12
|
+
* Supports automating [spidering websites][ronin-web-spider] and importing all
|
|
13
|
+
visited URLs into the [ronin database][ronin-db].
|
|
14
|
+
* Supports performing recon using [ronin-recon] and importing all discovered
|
|
15
|
+
hostnames, IPs, and URLs into [ronin database][ronin-db].
|
|
16
|
+
* Supports testing URLs for web vulnerabilities using [ronin-vulns].
|
|
17
|
+
|
|
18
|
+
[sqlite]: https://sqlite.org/
|
|
19
|
+
[redis]: https://redis.io/
|
|
20
|
+
[nmap]: https://nmap.org/
|
|
21
|
+
[masscan]: https://github.com/robertdavidgraham/masscan#readme
|
|
22
|
+
|
|
23
|
+
[Ruby]: https://www.ruby-lang.org/
|
|
24
|
+
[dry-types]: https://dry-rb.org/gems/dry-types/
|
|
25
|
+
[dry-schema]: https://dry-rb.org/gems/dry-schema/
|
|
26
|
+
[dry-validation]: https://dry-rb.org/gems/dry-validation/
|
|
27
|
+
|
|
28
|
+
[ronin-support]: https://github.com/ronin-rb/ronin-support#readme
|
|
29
|
+
[ronin-repos]: https://github.com/ronin-rb/ronin-repos#readme
|
|
30
|
+
[ronin-db]: https://github.com/ronin-rb/ronin-db#readme
|
|
31
|
+
[ronin-payloads]: https://github.com/ronin-rb/ronin-payloads#readme
|
|
32
|
+
[ronin-vulns]: https://github.com/ronin-rb/ronin-vulns#readme
|
|
33
|
+
[ronin-exploits]: https://github.com/ronin-rb/ronin-exploits#readme
|
|
34
|
+
[ronin-nmap]: https://github.com/ronin-rb/ronin-nmap#readme
|
|
35
|
+
[ronin-masscan]: https://github.com/ronin-rb/ronin-masscan#readme
|
|
36
|
+
[ronin-web-spider]: https://github.com/ronin-rb/ronin-web-spider#readme
|
|
37
|
+
[ronin-recon]: https://github.com/ronin-rb/ronin-recon#readme
|
|
38
|
+
[ronin-vulns]: https://github.com/ronin-rb/ronin-vulns#readme
|
data/Dockerfile
ADDED
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
FROM ruby:3.1.0
|
|
2
|
+
|
|
3
|
+
ARG RONIN_UID=1000
|
|
4
|
+
ARG RONIN_GID=1000
|
|
5
|
+
|
|
6
|
+
ENV LANG=en_US.UTF-8
|
|
7
|
+
|
|
8
|
+
WORKDIR /app
|
|
9
|
+
ADD Gemfile /app
|
|
10
|
+
ADD gemspec.yml /app
|
|
11
|
+
ADD lib/ronin/app/version.rb /app/lib/ronin/app/
|
|
12
|
+
ADD ronin-app.gemspec /app
|
|
13
|
+
|
|
14
|
+
ARG NMAP_CAPS=cap_net_raw,cap_net_admin,cap_net_bind_service
|
|
15
|
+
ARG MASSCAN_CAPS=cap_net_raw,cap_net_admin,cap_net_bind_service
|
|
16
|
+
|
|
17
|
+
RUN apt-get update &&\
|
|
18
|
+
apt-get install -qq -y libcap2-bin gcc g++ make libsqlite3-dev nmap masscan && \
|
|
19
|
+
setcap "${NMAP_CAPS}+eip" /usr/bin/nmap && \
|
|
20
|
+
setcap "${MASSCAN_CAPS}+eip" /usr/bin/masscan && \
|
|
21
|
+
bundle install --path /app/vendor/bundler
|
|
22
|
+
|
|
23
|
+
ADD . /app
|
|
24
|
+
|
|
25
|
+
RUN groupadd -g "${RONIN_GID}" ronin && \
|
|
26
|
+
useradd -u "${RONIN_UID}" -g ronin -ms /bin/bash ronin
|
|
27
|
+
USER ronin
|
data/Gemfile
ADDED
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
source 'https://rubygems.org'
|
|
3
|
+
|
|
4
|
+
gemspec
|
|
5
|
+
|
|
6
|
+
# gem 'ruby-masscan', '~> 0.3', github: 'postmodern/ruby-masscan',
|
|
7
|
+
# branch: 'main'
|
|
8
|
+
|
|
9
|
+
# NOTE: do not auto-load gems which are meant to be executed at runtime
|
|
10
|
+
gem 'puma', require: false
|
|
11
|
+
gem 'sidekiq', require: false
|
|
12
|
+
|
|
13
|
+
#
|
|
14
|
+
# Ronin dependencies
|
|
15
|
+
#
|
|
16
|
+
# gem 'ronin-support', '~> 1.1', github: 'ronin-rb/ronin-support',
|
|
17
|
+
# branch: 'main'
|
|
18
|
+
# gem 'ronin-core', '~> 0.2', github: 'ronin-rb/ronin-core',
|
|
19
|
+
# branch: 'main'
|
|
20
|
+
# gem 'ronin-db', '~> 0.2', github: 'ronin-rb/ronin-db',
|
|
21
|
+
# branch: 'main'
|
|
22
|
+
|
|
23
|
+
# gem 'ronin-db-activerecord', '~> 0.2', github: 'ronin-rb/ronin-db-activerecord',
|
|
24
|
+
# branch: 'main'
|
|
25
|
+
|
|
26
|
+
# gem 'ronin-payloads', '~> 0.2', github: 'ronin-rb/ronin-payloads'
|
|
27
|
+
# gem 'ronin-exploits', '~> 1.1', github: 'ronin-rb/ronin-exploits',
|
|
28
|
+
# branch: 'main'
|
|
29
|
+
# gem 'ronin-vulns', '~> 0.2', github: 'ronin-rb/ronin-vulns',
|
|
30
|
+
# branch: 'main'
|
|
31
|
+
# gem 'ronin-web-spider', '~> 0.2', github: 'ronin-rb/ronin-web-spider',
|
|
32
|
+
# branch: 'main'
|
|
33
|
+
# gem 'ronin-recon', '~> 0.1', github: 'ronin-rb/ronin-recon'
|
|
34
|
+
# gem 'ronin-nmap', '~> 0.1', github: 'ronin-rb/ronin-nmap'
|
|
35
|
+
# gem 'ronin-masscan', '~> 0.1', github: 'ronin-rb/ronin-masscan'
|
|
36
|
+
# gem 'ronin-repos', '~> 0.2', github: 'ronin-rb/ronin-repos',
|
|
37
|
+
# branch: 'main'
|
|
38
|
+
|
|
39
|
+
group :development do
|
|
40
|
+
gem 'rake', require: false
|
|
41
|
+
|
|
42
|
+
gem 'rubygems-tasks', '~> 0.2'
|
|
43
|
+
|
|
44
|
+
gem 'rspec', '~> 3.0', require: false
|
|
45
|
+
gem 'simplecov', '~> 0.20', require: false
|
|
46
|
+
|
|
47
|
+
gem 'kramdown', '~> 2.0', require: false
|
|
48
|
+
gem 'kramdown-man', '~> 1.0', require: false
|
|
49
|
+
|
|
50
|
+
gem 'redcarpet', require: false, platform: :mri
|
|
51
|
+
gem 'yard', '~> 0.9', require: false
|
|
52
|
+
gem 'yard-spellcheck', require: false
|
|
53
|
+
|
|
54
|
+
gem 'dead_end', require: false
|
|
55
|
+
gem 'sord', require: false, platform: :mri
|
|
56
|
+
gem 'stackprof', require: false, platform: :mri
|
|
57
|
+
gem 'rubocop', require: false, platform: :mri
|
|
58
|
+
gem 'rubocop-ronin', require: false, platform: :mri
|
|
59
|
+
|
|
60
|
+
gem 'foreman', '~> 0.80', require: false
|
|
61
|
+
end
|
data/Procfile
ADDED
data/Procfile.dev
ADDED
data/README.md
ADDED
|
@@ -0,0 +1,215 @@
|
|
|
1
|
+
# ronin-app
|
|
2
|
+
|
|
3
|
+
* [Website](https://ronin-rb.dev)
|
|
4
|
+
* [Issues](https://github.com/ronin-rb/docker/issues)
|
|
5
|
+
* [DockerHub](https://hub.docker.com/r/roninrb/ronin)
|
|
6
|
+
* [Discord](https://discord.gg/6WAb3PsVX9) |
|
|
7
|
+
[Mastodon](https://infosec.exchange/@ronin_rb)
|
|
8
|
+
|
|
9
|
+
ronin-app is a small web application that is meant to be ran locally by the
|
|
10
|
+
user. It provides a web interface to [ronin-support], [ronin-repos], [ronin-db],
|
|
11
|
+
[ronin-payloads], [ronin-exploits], as well as automating
|
|
12
|
+
[ronin-nmap], [ronin-masscan], [ronin-web-spider], [ronin-recon], and
|
|
13
|
+
[ronin-vulns].
|
|
14
|
+
|
|
15
|
+
## Features
|
|
16
|
+
|
|
17
|
+
* Provides a web interface to explore and search the [ronin database][ronin-db].
|
|
18
|
+
* Allows managing [ronin-repos] from the web interface.
|
|
19
|
+
* Allows listing and building the built-in or installed 3rd-party
|
|
20
|
+
[payloads][ronin-payloads].
|
|
21
|
+
* Allows listing installed 3rd-party [exploits][ronin-exploits].
|
|
22
|
+
* Supports automating [nmap] and [masscan] scans and importing their results
|
|
23
|
+
into the [ronin database][ronin-db].
|
|
24
|
+
* Supports automating [spidering websites][ronin-web-spider] and importing all
|
|
25
|
+
visited URLs into the [ronin database][ronin-db].
|
|
26
|
+
* Supports performing recon using [ronin-recon] and importing all discovered
|
|
27
|
+
hostnames, IPs, and URLs into [ronin database][ronin-db].
|
|
28
|
+
* Supports testing URLs for web vulnerabilities using [ronin-vulns].
|
|
29
|
+
* Small memory footprint (~184K).
|
|
30
|
+
* Fast (~1.251ms response time).
|
|
31
|
+
|
|
32
|
+
## Screenshots
|
|
33
|
+
|
|
34
|
+
<table>
|
|
35
|
+
<tbody>
|
|
36
|
+
<tr>
|
|
37
|
+
<td>
|
|
38
|
+
<img src="https://raw.githubusercontent.com/ronin-rb/ronin-app/add_screenshots/screenshots/ronin_app_scanning_nmap.svg" />
|
|
39
|
+
</td>
|
|
40
|
+
<td>
|
|
41
|
+
<img src="https://raw.githubusercontent.com/ronin-rb/ronin-app/add_screenshots/screenshots/ronin_app_scanning_masscan.svg" />
|
|
42
|
+
</td>
|
|
43
|
+
<td>
|
|
44
|
+
<img src="https://raw.githubusercontent.com/ronin-rb/ronin-app/add_screenshots/screenshots/ronin_app_scanning_recon.svg" />
|
|
45
|
+
</td>
|
|
46
|
+
<td>
|
|
47
|
+
<img src="https://raw.githubusercontent.com/ronin-rb/ronin-app/add_screenshots/screenshots/ronin_app_scanning_spider.svg" />
|
|
48
|
+
</td>
|
|
49
|
+
<td>
|
|
50
|
+
<img src="https://raw.githubusercontent.com/ronin-rb/ronin-app/add_screenshots/screenshots/ronin_app_scanning_vulns.svg" />
|
|
51
|
+
</td>
|
|
52
|
+
<td>
|
|
53
|
+
<img src="https://raw.githubusercontent.com/ronin-rb/ronin-app/add_screenshots/screenshots/ronin_app_db.svg" />
|
|
54
|
+
</td>
|
|
55
|
+
<td>
|
|
56
|
+
<img src="https://raw.githubusercontent.com/ronin-rb/ronin-app/add_screenshots/screenshots/ronin_app_db_ip_address.svg" />
|
|
57
|
+
</td>
|
|
58
|
+
</tr>
|
|
59
|
+
<tr>
|
|
60
|
+
<td>
|
|
61
|
+
<img src="https://raw.githubusercontent.com/ronin-rb/ronin-app/add_screenshots/screenshots/ronin_app_repos.svg" />
|
|
62
|
+
</td>
|
|
63
|
+
<td>
|
|
64
|
+
<img src="https://raw.githubusercontent.com/ronin-rb/ronin-app/add_screenshots/screenshots/ronin_app_repos_show.svg" />
|
|
65
|
+
</td>
|
|
66
|
+
<td>
|
|
67
|
+
<img src="https://raw.githubusercontent.com/ronin-rb/ronin-app/add_screenshots/screenshots/ronin_app_payloads.svg" />
|
|
68
|
+
</td>
|
|
69
|
+
<td>
|
|
70
|
+
<img src="https://raw.githubusercontent.com/ronin-rb/ronin-app/add_screenshots/screenshots/ronin_app_payloads_show.svg" />
|
|
71
|
+
</td>
|
|
72
|
+
<td>
|
|
73
|
+
<img src="https://raw.githubusercontent.com/ronin-rb/ronin-app/add_screenshots/screenshots/ronin_app_payloads_build.svg" />
|
|
74
|
+
</td>
|
|
75
|
+
<td>
|
|
76
|
+
<img src="https://raw.githubusercontent.com/ronin-rb/ronin-app/add_screenshots/screenshots/ronin_app_exploits.svg" />
|
|
77
|
+
</td>
|
|
78
|
+
<td>
|
|
79
|
+
<img src="https://raw.githubusercontent.com/ronin-rb/ronin-app/add_screenshots/screenshots/ronin_app_exploits_show.svg" />
|
|
80
|
+
</td>
|
|
81
|
+
</tr>
|
|
82
|
+
</tbody>
|
|
83
|
+
</table>
|
|
84
|
+
|
|
85
|
+
## Synopsis
|
|
86
|
+
|
|
87
|
+
```
|
|
88
|
+
Usage: ronin-app [options]
|
|
89
|
+
|
|
90
|
+
Options:
|
|
91
|
+
-V, --version Prints the version and exits
|
|
92
|
+
-H, --host IP The host to listen on (Default: localhost)
|
|
93
|
+
-p, --port PORT The port to listen on (Default: 1337)
|
|
94
|
+
--db NAME The ronin-db database to connect to
|
|
95
|
+
--db-uri URI The ronin-db database URI to connect to
|
|
96
|
+
-h, --help Print help information
|
|
97
|
+
|
|
98
|
+
Starts the ronin web app
|
|
99
|
+
```
|
|
100
|
+
|
|
101
|
+
```shell
|
|
102
|
+
$ ronin-app
|
|
103
|
+
```
|
|
104
|
+
|
|
105
|
+
**Note:** the `ronin-app` command will automatically open a browser for
|
|
106
|
+
http://localhost:1337, if ran in a real terminal.
|
|
107
|
+
|
|
108
|
+
## Requirements
|
|
109
|
+
|
|
110
|
+
* [libsqlite3][sqlite]
|
|
111
|
+
* [redis-server][redis] >= 6.2
|
|
112
|
+
* [nmap]
|
|
113
|
+
* [masscan]
|
|
114
|
+
* [Ruby] >= 3.1.0
|
|
115
|
+
|
|
116
|
+
**Note:** both `nmap` and `masscan` require additional Linux capabilities in
|
|
117
|
+
order to be ran without `sudo` or `root` privileges.
|
|
118
|
+
|
|
119
|
+
```shell
|
|
120
|
+
sudo setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip "$(which nmap)"
|
|
121
|
+
sudo setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip "$(which masscan)"
|
|
122
|
+
```
|
|
123
|
+
|
|
124
|
+
## Security
|
|
125
|
+
|
|
126
|
+
* This app is intended to be ran locally.
|
|
127
|
+
* All HTML output is escaped with `Rack::Utils.escape_html`.
|
|
128
|
+
* All HTTP params are validated using [dry-validation].
|
|
129
|
+
|
|
130
|
+
## Development
|
|
131
|
+
|
|
132
|
+
1. [Fork It!](https://github.com/ronin-rb/ronin/fork)
|
|
133
|
+
2. Clone It!
|
|
134
|
+
3. `cd ronin-app`
|
|
135
|
+
4. `./scripts/setup`
|
|
136
|
+
5. `git checkout -b my_feature`
|
|
137
|
+
6. Code It!
|
|
138
|
+
7. Test It - `bundle exec rake spec`
|
|
139
|
+
8. Try It - `./scripts/server` then visit http://localhost:1337/
|
|
140
|
+
9. Push It - `git push origin my_feature`
|
|
141
|
+
|
|
142
|
+
### docker-compose
|
|
143
|
+
|
|
144
|
+
You can also use [docker-compose] to build and run the app:
|
|
145
|
+
|
|
146
|
+
[docker-compose]: https://docs.docker.com/compose/install/
|
|
147
|
+
|
|
148
|
+
```shell
|
|
149
|
+
$ docker-compose build
|
|
150
|
+
$ docker-compose up
|
|
151
|
+
```
|
|
152
|
+
|
|
153
|
+
### Directory Structure
|
|
154
|
+
|
|
155
|
+
* `Gemfile` - defines all gem dependencies.
|
|
156
|
+
* `Procfile` - defines the various services of the app that will be started.
|
|
157
|
+
* `Procfile.dev` - defines the various services of the app that will be started
|
|
158
|
+
in development mode.
|
|
159
|
+
* `config.ru` - The main entry point for `rackup`/`puma`.
|
|
160
|
+
* `config/` - Contains all app configuration files.
|
|
161
|
+
* `lib/ronin/app/helpers/` - Contains all Sinatra helper modules which define methods that
|
|
162
|
+
* `app.rb` - The main Rack app that contains HTTP routes.
|
|
163
|
+
* `app/` - Contains sub-App classes that contains grouped HTTP routes
|
|
164
|
+
* `workers.rb` - The main entry point for Sidekiq which loads all worker classes
|
|
165
|
+
from `lib/workers/`.
|
|
166
|
+
* `workers/` - Contains all Sidekiq worker classes.
|
|
167
|
+
can be called within the views.
|
|
168
|
+
* `lib/ronin/app/types.rb` - Defines custom [dry-types].
|
|
169
|
+
* `lib/ronin/app/types/` - Contains additional custom types.
|
|
170
|
+
* `lib/ronin/app/validations/` - Contains [dry-validation]s logic for validating
|
|
171
|
+
submitted HTTP params.
|
|
172
|
+
* `views/` - Contains all ERB views that are rendered by `app.rb`.
|
|
173
|
+
* `views/layout.erb` - The main page layout view.
|
|
174
|
+
* `public/` - Contains all static assets (images, CSS stylesheets, and
|
|
175
|
+
JavaScript).
|
|
176
|
+
* `scripts/` - Contains scripts for setting up or starting the app.
|
|
177
|
+
|
|
178
|
+
## License
|
|
179
|
+
|
|
180
|
+
Copyright (C) 2023-2024 Hal Brodigan (postmodern.mod3@gmail.com)
|
|
181
|
+
|
|
182
|
+
ronin-app is free software: you can redistribute it and/or modify
|
|
183
|
+
it under the terms of the GNU Affero General Public License as published by
|
|
184
|
+
the Free Software Foundation, either version 3 of the License, or
|
|
185
|
+
(at your option) any later version.
|
|
186
|
+
|
|
187
|
+
ronin-app is distributed in the hope that it will be useful,
|
|
188
|
+
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
189
|
+
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
190
|
+
GNU Affero General Public License for more details.
|
|
191
|
+
|
|
192
|
+
You should have received a copy of the GNU Affero General Public License
|
|
193
|
+
along with ronin-app. If not, see <http://www.gnu.org/licenses/>.
|
|
194
|
+
|
|
195
|
+
[sqlite]: https://sqlite.org/
|
|
196
|
+
[redis]: https://redis.io/
|
|
197
|
+
[nmap]: https://nmap.org/
|
|
198
|
+
[masscan]: https://github.com/robertdavidgraham/masscan#readme
|
|
199
|
+
|
|
200
|
+
[Ruby]: https://www.ruby-lang.org/
|
|
201
|
+
[dry-types]: https://dry-rb.org/gems/dry-types/
|
|
202
|
+
[dry-schema]: https://dry-rb.org/gems/dry-schema/
|
|
203
|
+
[dry-validation]: https://dry-rb.org/gems/dry-validation/
|
|
204
|
+
|
|
205
|
+
[ronin-support]: https://github.com/ronin-rb/ronin-support#readme
|
|
206
|
+
[ronin-repos]: https://github.com/ronin-rb/ronin-repos#readme
|
|
207
|
+
[ronin-db]: https://github.com/ronin-rb/ronin-db#readme
|
|
208
|
+
[ronin-payloads]: https://github.com/ronin-rb/ronin-payloads#readme
|
|
209
|
+
[ronin-vulns]: https://github.com/ronin-rb/ronin-vulns#readme
|
|
210
|
+
[ronin-exploits]: https://github.com/ronin-rb/ronin-exploits#readme
|
|
211
|
+
[ronin-nmap]: https://github.com/ronin-rb/ronin-nmap#readme
|
|
212
|
+
[ronin-masscan]: https://github.com/ronin-rb/ronin-masscan#readme
|
|
213
|
+
[ronin-web-spider]: https://github.com/ronin-rb/ronin-web-spider#readme
|
|
214
|
+
[ronin-recon]: https://github.com/ronin-rb/ronin-recon#readme
|
|
215
|
+
[ronin-vulns]: https://github.com/ronin-rb/ronin-vulns#readme
|
data/Rakefile
ADDED
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
begin
|
|
4
|
+
require 'bundler'
|
|
5
|
+
rescue LoadError => e
|
|
6
|
+
warn e.message
|
|
7
|
+
warn "Run `gem install bundler` to install Bundler"
|
|
8
|
+
exit(-1)
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
begin
|
|
12
|
+
Bundler.setup(:development)
|
|
13
|
+
rescue Bundler::BundlerError => e
|
|
14
|
+
warn e.message
|
|
15
|
+
warn "Run `bundle install` to install missing gems"
|
|
16
|
+
exit e.status_code
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
require 'rake'
|
|
20
|
+
|
|
21
|
+
require 'rubygems/tasks'
|
|
22
|
+
Gem::Tasks.new(sign: {checksum: true, pgp: true})
|
|
23
|
+
|
|
24
|
+
require 'rspec/core/rake_task'
|
|
25
|
+
RSpec::Core::RakeTask.new
|
|
26
|
+
task :test => :spec
|
|
27
|
+
task :default => :spec
|
|
28
|
+
|
|
29
|
+
require 'yard'
|
|
30
|
+
YARD::Rake::YardocTask.new
|
|
31
|
+
task :docs => :yard
|
|
32
|
+
|
|
33
|
+
require 'kramdown/man/task'
|
|
34
|
+
Kramdown::Man::Task.new
|
|
35
|
+
|
|
36
|
+
require 'ronin/db/tasks'
|
|
37
|
+
Ronin::DB::Tasks.new(
|
|
38
|
+
database: {
|
|
39
|
+
adapter: :sqlite3,
|
|
40
|
+
database: 'db/dev.sqlite3'
|
|
41
|
+
}
|
|
42
|
+
)
|
|
43
|
+
|
|
44
|
+
task :setup => %w[man db:migrate]
|