ronin-recon 0.1.0.rc1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.document +4 -0
- data/.github/workflows/ruby.yml +46 -0
- data/.gitignore +20 -0
- data/.rspec +1 -0
- data/.rubocop.yml +44 -0
- data/.ruby-version +1 -0
- data/.yardopts +1 -0
- data/COPYING.txt +165 -0
- data/ChangeLog.md +36 -0
- data/Gemfile +62 -0
- data/README.md +391 -0
- data/Rakefile +74 -0
- data/bin/ronin-recon +16 -0
- data/data/completions/ronin-recon +95 -0
- data/data/templates/worker.rb.erb +67 -0
- data/data/wordlists/raft-small-directories.txt.gz +0 -0
- data/data/wordlists/subdomains-1000.txt.gz +0 -0
- data/examples/recon.rb +24 -0
- data/gemspec.yml +57 -0
- data/lib/ronin/recon/builtin/dns/lookup.rb +65 -0
- data/lib/ronin/recon/builtin/dns/mailservers.rb +64 -0
- data/lib/ronin/recon/builtin/dns/nameservers.rb +61 -0
- data/lib/ronin/recon/builtin/dns/reverse_lookup.rb +63 -0
- data/lib/ronin/recon/builtin/dns/srv_enum.rb +178 -0
- data/lib/ronin/recon/builtin/dns/subdomain_enum.rb +105 -0
- data/lib/ronin/recon/builtin/dns/suffix_enum.rb +168 -0
- data/lib/ronin/recon/builtin/net/ip_range_enum.rb +65 -0
- data/lib/ronin/recon/builtin/net/port_scan.rb +84 -0
- data/lib/ronin/recon/builtin/net/service_id.rb +75 -0
- data/lib/ronin/recon/builtin/ssl/cert_enum.rb +109 -0
- data/lib/ronin/recon/builtin/ssl/cert_grab.rb +76 -0
- data/lib/ronin/recon/builtin/ssl/cert_sh.rb +77 -0
- data/lib/ronin/recon/builtin/web/dir_enum.rb +121 -0
- data/lib/ronin/recon/builtin/web/email_addresses.rb +70 -0
- data/lib/ronin/recon/builtin/web/spider.rb +93 -0
- data/lib/ronin/recon/builtin.rb +34 -0
- data/lib/ronin/recon/cli/command.rb +40 -0
- data/lib/ronin/recon/cli/commands/completion.rb +61 -0
- data/lib/ronin/recon/cli/commands/irb.rb +57 -0
- data/lib/ronin/recon/cli/commands/new.rb +203 -0
- data/lib/ronin/recon/cli/commands/run.rb +420 -0
- data/lib/ronin/recon/cli/commands/test.rb +99 -0
- data/lib/ronin/recon/cli/commands/worker.rb +114 -0
- data/lib/ronin/recon/cli/commands/workers.rb +80 -0
- data/lib/ronin/recon/cli/debug_option.rb +45 -0
- data/lib/ronin/recon/cli/printing.rb +122 -0
- data/lib/ronin/recon/cli/ruby_shell.rb +51 -0
- data/lib/ronin/recon/cli/worker_command.rb +105 -0
- data/lib/ronin/recon/cli.rb +50 -0
- data/lib/ronin/recon/config.rb +371 -0
- data/lib/ronin/recon/dns_worker.rb +41 -0
- data/lib/ronin/recon/engine.rb +639 -0
- data/lib/ronin/recon/exceptions.rb +45 -0
- data/lib/ronin/recon/graph.rb +127 -0
- data/lib/ronin/recon/importer.rb +224 -0
- data/lib/ronin/recon/input_file.rb +81 -0
- data/lib/ronin/recon/message/job_completed.rb +60 -0
- data/lib/ronin/recon/message/job_failed.rb +69 -0
- data/lib/ronin/recon/message/job_started.rb +60 -0
- data/lib/ronin/recon/message/shutdown.rb +38 -0
- data/lib/ronin/recon/message/value.rb +76 -0
- data/lib/ronin/recon/message/worker_started.rb +51 -0
- data/lib/ronin/recon/message/worker_stopped.rb +51 -0
- data/lib/ronin/recon/mixins/dns.rb +639 -0
- data/lib/ronin/recon/mixins/http.rb +58 -0
- data/lib/ronin/recon/mixins.rb +21 -0
- data/lib/ronin/recon/output_formats/dir.rb +94 -0
- data/lib/ronin/recon/output_formats/dot.rb +155 -0
- data/lib/ronin/recon/output_formats/graph_format.rb +48 -0
- data/lib/ronin/recon/output_formats/graphviz_format.rb +115 -0
- data/lib/ronin/recon/output_formats/pdf.rb +43 -0
- data/lib/ronin/recon/output_formats/png.rb +43 -0
- data/lib/ronin/recon/output_formats/svg.rb +43 -0
- data/lib/ronin/recon/output_formats.rb +48 -0
- data/lib/ronin/recon/registry.rb +35 -0
- data/lib/ronin/recon/root.rb +33 -0
- data/lib/ronin/recon/scope.rb +112 -0
- data/lib/ronin/recon/value/parser.rb +113 -0
- data/lib/ronin/recon/value.rb +110 -0
- data/lib/ronin/recon/value_status.rb +87 -0
- data/lib/ronin/recon/values/cert.rb +168 -0
- data/lib/ronin/recon/values/domain.rb +88 -0
- data/lib/ronin/recon/values/email_address.rb +114 -0
- data/lib/ronin/recon/values/host.rb +137 -0
- data/lib/ronin/recon/values/ip.rb +123 -0
- data/lib/ronin/recon/values/ip_range.rb +155 -0
- data/lib/ronin/recon/values/mailserver.rb +61 -0
- data/lib/ronin/recon/values/nameserver.rb +61 -0
- data/lib/ronin/recon/values/open_port.rb +190 -0
- data/lib/ronin/recon/values/url.rb +218 -0
- data/lib/ronin/recon/values/website.rb +200 -0
- data/lib/ronin/recon/values/wildcard.rb +140 -0
- data/lib/ronin/recon/values.rb +32 -0
- data/lib/ronin/recon/version.rb +26 -0
- data/lib/ronin/recon/web_worker.rb +35 -0
- data/lib/ronin/recon/worker.rb +433 -0
- data/lib/ronin/recon/worker_pool.rb +203 -0
- data/lib/ronin/recon/workers.rb +260 -0
- data/lib/ronin/recon.rb +22 -0
- data/man/ronin-recon-completion.1 +76 -0
- data/man/ronin-recon-completion.1.md +78 -0
- data/man/ronin-recon-irb.1 +27 -0
- data/man/ronin-recon-irb.1.md +26 -0
- data/man/ronin-recon-new.1 +58 -0
- data/man/ronin-recon-new.1.md +59 -0
- data/man/ronin-recon-run.1 +137 -0
- data/man/ronin-recon-run.1.md +115 -0
- data/man/ronin-recon-test.1 +53 -0
- data/man/ronin-recon-test.1.md +55 -0
- data/man/ronin-recon-worker.1 +32 -0
- data/man/ronin-recon-worker.1.md +34 -0
- data/man/ronin-recon-workers.1 +29 -0
- data/man/ronin-recon-workers.1.md +31 -0
- data/man/ronin-recon.1 +57 -0
- data/man/ronin-recon.1.md +57 -0
- data/ronin-recon.gemspec +62 -0
- data/scripts/setup +58 -0
- metadata +364 -0
@@ -0,0 +1,58 @@
|
|
1
|
+
.\" Generated by kramdown-man 1.0.1
|
2
|
+
.\" https://github.com/postmodern/kramdown-man#readme
|
3
|
+
.TH ronin-recon-new 1 "May 2022" Ronin "User Manuals"
|
4
|
+
.SH NAME
|
5
|
+
.PP
|
6
|
+
ronin\-recon\-new \- Creates a new recon worker file
|
7
|
+
.SH SYNOPSIS
|
8
|
+
.PP
|
9
|
+
\fBronin\-recon new\fR \[lB]\fIoptions\fP\[rB] \fIPATH\fP
|
10
|
+
.SH DESCRIPTION
|
11
|
+
.PP
|
12
|
+
Generates a new recon worker file\.
|
13
|
+
.SH ARGUMENTS
|
14
|
+
.TP
|
15
|
+
\fIPATH\fP
|
16
|
+
The path to the new recon worker file to generate\.
|
17
|
+
.SH OPTIONS
|
18
|
+
.TP
|
19
|
+
\fB\-t\fR, \fB\-\-type\fR \fBworker\fR\[or]\fBdns\fR\[or]\fBweb\fR
|
20
|
+
The type of recon worker to generate\.
|
21
|
+
.TP
|
22
|
+
\fB\-a\fR, \fB\-\-author\fR \fINAME\fP
|
23
|
+
The name of the author\. Defaults to the configured git author name or the
|
24
|
+
\fBUSERNAME\fR environment variable\.
|
25
|
+
.TP
|
26
|
+
\fB\-e\fR, \fB\-\-author\-email\fR \fIEMAIL\fP
|
27
|
+
The email address of the author\. Defaults to the configured git author email\.
|
28
|
+
.TP
|
29
|
+
\fB\-S\fR, \fB\-\-summary\fR \fITEXT\fP
|
30
|
+
The summary text for the new recon worker\.
|
31
|
+
.TP
|
32
|
+
\fB\-D\fR, \fB\-\-description\fR \fITEXT\fP
|
33
|
+
The description text for the new recon worker\.
|
34
|
+
.TP
|
35
|
+
\fB\-R\fR, \fB\-\-reference\fR \fIURL\fP
|
36
|
+
Adds a reference URL to the new recon worker\.
|
37
|
+
.TP
|
38
|
+
\fB\-A\fR, \fB\-\-accepts\fR \fBcert\fR\[or]\fBdomain\[or]email\[ru]address\[or]host\[or]ip\[ru]range\[or]ip\[or]mailserver\[or]nameserver\[or]open\[ru]port\[or]url\[or]website\[or]wildcard\fR
|
39
|
+
The value type(s) that the recon worker accepts\.
|
40
|
+
.TP
|
41
|
+
\fB\-O\fR, \fB\-\-outputs\fR \fBcert\fR\[or]\fBdomain\[or]email\[ru]address\[or]host\[or]ip\[ru]range\[or]ip\[or]mailserver\[or]nameserver\[or]open\[ru]port\[or]url\[or]website\[or]wildcard\fR
|
42
|
+
The value type(s) that the recon worker outputs\.
|
43
|
+
.TP
|
44
|
+
\fB\-I\fR, \fB\-\-intensity\fR \fBpassive\fR\[or]\fBactive\fR\[or]\fBaggressive\fR
|
45
|
+
The intensity of the recon worker\.
|
46
|
+
.TP
|
47
|
+
\fB\-h\fR, \fB\-\-help\fR
|
48
|
+
Print help information
|
49
|
+
.SH AUTHOR
|
50
|
+
.PP
|
51
|
+
Postmodern
|
52
|
+
.MT postmodern\.mod3\[at]gmail\.com
|
53
|
+
.ME
|
54
|
+
.SH SEE ALSO
|
55
|
+
.PP
|
56
|
+
.BR ronin\-payloads\-workers (1)
|
57
|
+
.BR ronin\-payloads\-worker (1)
|
58
|
+
.BR ronin\-payloads\-test (1)
|
@@ -0,0 +1,59 @@
|
|
1
|
+
# ronin-recon-new 1 "May 2022" Ronin "User Manuals"
|
2
|
+
|
3
|
+
## NAME
|
4
|
+
|
5
|
+
ronin-recon-new - Creates a new recon worker file
|
6
|
+
|
7
|
+
## SYNOPSIS
|
8
|
+
|
9
|
+
`ronin-recon new` [*options*] *PATH*
|
10
|
+
|
11
|
+
## DESCRIPTION
|
12
|
+
|
13
|
+
Generates a new recon worker file.
|
14
|
+
|
15
|
+
## ARGUMENTS
|
16
|
+
|
17
|
+
*PATH*
|
18
|
+
: The path to the new recon worker file to generate.
|
19
|
+
|
20
|
+
## OPTIONS
|
21
|
+
|
22
|
+
`-t`, `--type` `worker`\|`dns`\|`web`
|
23
|
+
: The type of recon worker to generate.
|
24
|
+
|
25
|
+
`-a`, `--author` *NAME*
|
26
|
+
: The name of the author. Defaults to the configured git author name or the
|
27
|
+
`USERNAME` environment variable.
|
28
|
+
|
29
|
+
`-e`, `--author-email` *EMAIL*
|
30
|
+
: The email address of the author. Defaults to the configured git author email.
|
31
|
+
|
32
|
+
`-S`, `--summary` *TEXT*
|
33
|
+
: The summary text for the new recon worker.
|
34
|
+
|
35
|
+
`-D`, `--description` *TEXT*
|
36
|
+
: The description text for the new recon worker.
|
37
|
+
|
38
|
+
`-R`, `--reference` *URL*
|
39
|
+
: Adds a reference URL to the new recon worker.
|
40
|
+
|
41
|
+
`-A`, `--accepts` `cert`\|`domain|email_address|host|ip_range|ip|mailserver|nameserver|open_port|url|website|wildcard`
|
42
|
+
: The value type(s) that the recon worker accepts.
|
43
|
+
|
44
|
+
`-O`, `--outputs` `cert`\|`domain|email_address|host|ip_range|ip|mailserver|nameserver|open_port|url|website|wildcard`
|
45
|
+
: The value type(s) that the recon worker outputs.
|
46
|
+
|
47
|
+
`-I`, `--intensity` `passive`\|`active`\|`aggressive`
|
48
|
+
: The intensity of the recon worker.
|
49
|
+
|
50
|
+
`-h`, `--help`
|
51
|
+
: Print help information
|
52
|
+
|
53
|
+
## AUTHOR
|
54
|
+
|
55
|
+
Postmodern <postmodern.mod3@gmail.com>
|
56
|
+
|
57
|
+
## SEE ALSO
|
58
|
+
|
59
|
+
[ronin-payloads-workers](ronin-payloads-workers.1.md) [ronin-payloads-worker](ronin-payloads-worker.1.md) [ronin-payloads-test](ronin-payloads-test.1.md)
|
@@ -0,0 +1,137 @@
|
|
1
|
+
.\" Generated by kramdown-man 1.0.1
|
2
|
+
.\" https://github.com/postmodern/kramdown-man#readme
|
3
|
+
.TH ronin-recon-test 1 "2023-05-01" Ronin "User Manuals"
|
4
|
+
.SH NAME
|
5
|
+
.PP
|
6
|
+
ronin\-recon\-run \- Runs the recon engine with one or more initial values
|
7
|
+
.SH SYNOPSIS
|
8
|
+
.PP
|
9
|
+
\fBronin\-recon run\fR \[lB]\fIoptions\fP\[rB] \[lC]\fIIP\fP \[or] \fIIP\-range\fP \[or] \fIDOMAIN\fP \[or] \fIHOST\fP \[or] \fIWILDCARD\fP \[or] \fIWEBSITE\fP\[rC] \.\.\.
|
10
|
+
.SH DESCRIPTION
|
11
|
+
.PP
|
12
|
+
Runs the recon engine with one or more initial values\.
|
13
|
+
.SH ARGUMENTS
|
14
|
+
.TP
|
15
|
+
\fIIP\fP
|
16
|
+
An IP address to recon (ex: \fB192\.168\.1\.1\fR)\.
|
17
|
+
.TP
|
18
|
+
\fIIP\-range\fP
|
19
|
+
A CIDR IP range to recon (ex: \fB192\.168\.1\.0\[sl]24\fR)\.
|
20
|
+
.TP
|
21
|
+
\fIDOMAIN\fP
|
22
|
+
A top\-level domain name to recon (ex: \fBexample\.com\fR)\.
|
23
|
+
.TP
|
24
|
+
\fIHOST\fP
|
25
|
+
A sub\-domain to recon (ex: \fBwww\.example\.com\fR)\.
|
26
|
+
.TP
|
27
|
+
\fIWILDCARD\fP
|
28
|
+
A wildcard host name (ex: \fB*\.example\.com\fR)\.
|
29
|
+
.TP
|
30
|
+
\fIWEBSITE\fP
|
31
|
+
A website base URL to recon (ex: \fBhttps:\[sl]\[sl]example\.com\fR)\.
|
32
|
+
.SH OPTIONS
|
33
|
+
.TP
|
34
|
+
\fB\-D\fR, \fB\-\-debug\fR
|
35
|
+
Enables debugging output\.
|
36
|
+
.TP
|
37
|
+
\fB\-C\fR, \fB\-\-config\-file\fR \fIFILE\fP
|
38
|
+
Loads the \fBronin\-recon\fR configuration file\. If not specified, then
|
39
|
+
\fB\[ti]\[sl]\.config\[sl]ronin\-recon\[sl]config\.yml\fR will be loaded instead\.
|
40
|
+
.TP
|
41
|
+
\fB\-w\fR, \fB\-\-worker\fR \fIWORKER\fP
|
42
|
+
Explicitly uses the specified worker instead of the default set of workers\.
|
43
|
+
.TP
|
44
|
+
\fB\-e\fR, \fB\-\-enable\fR \fIWORKER\fP
|
45
|
+
Enables the worker in addition to the default set of workers\.
|
46
|
+
.TP
|
47
|
+
\fB\-d\fR, \fB\-\-disable\fR \fIWORKER\fP
|
48
|
+
Disables the worker from the default set of workers\.
|
49
|
+
.TP
|
50
|
+
\fB\-\-worker\-file\fR \fIFILE\fP
|
51
|
+
Loads a custom worker from the specified \fB\.rb\fR file\.
|
52
|
+
.TP
|
53
|
+
\fB\-p\fR, \fB\-\-param\fR \fIWORKER\fP\fB\.\fR\fINAME\fP\fB\[eq]\fR\fIVALUE\fP
|
54
|
+
Sets a param value for the given worker\.
|
55
|
+
.TP
|
56
|
+
\fB\-c\fR, \fB\-\-concurrency\fR \fIWORKER\fP\fB\[eq]\fR\fINUM\fP
|
57
|
+
Overrides the concurrency for the given worker\.
|
58
|
+
.TP
|
59
|
+
\fB\-\-max\-depth\fR \fINUM\fP
|
60
|
+
The maximum recon depth\. Defaults to depth of \fB3\fR if the option is not
|
61
|
+
specified\.
|
62
|
+
.TP
|
63
|
+
\fB\-o\fR, \fB\-\-output\fR \fIFILE\fP
|
64
|
+
The output file to write results to\.
|
65
|
+
.TP
|
66
|
+
\fB\-F\fR, \fB\-\-output\-format\fR \fBtxt\fR\[or]\fBlist\fR\[or]\fBcsv\fR\[or]\fBjson\fR\[or]\fBndjson\fR\[or]\fBdot\fR\[or]\fBsvg\fR\[or]\fBpng\fR\[or]\fBpdf\fR
|
67
|
+
The output format\. If not specified, the output format will be inferred from
|
68
|
+
the \fB\-\-output\fR \fIFILE\fP extension\.
|
69
|
+
.TP
|
70
|
+
\fB\-\-import\fR
|
71
|
+
Imports each newly discovered value into the Ronin database\.
|
72
|
+
.TP
|
73
|
+
\fB\-I\fR, \fB\-\-ignore\fR \fIVALUE\fP
|
74
|
+
The value to ignore from the result\.
|
75
|
+
.TP
|
76
|
+
\fB\-h\fR, \fB\-\-help\fR
|
77
|
+
Print help information
|
78
|
+
.SH EXAMPLES
|
79
|
+
.PP
|
80
|
+
Run the recon engine on a single domain:
|
81
|
+
.PP
|
82
|
+
.RS 4
|
83
|
+
.EX
|
84
|
+
\[Do] ronin\-recon run example\.com
|
85
|
+
.EE
|
86
|
+
.RE
|
87
|
+
.PP
|
88
|
+
Run the recon engine on a single host\-name:
|
89
|
+
.PP
|
90
|
+
.RS 4
|
91
|
+
.EX
|
92
|
+
\[Do] ronin\-recon run www\.example\.com
|
93
|
+
.EE
|
94
|
+
.RE
|
95
|
+
.PP
|
96
|
+
Run the recon engine on a single IP address:
|
97
|
+
.PP
|
98
|
+
.RS 4
|
99
|
+
.EX
|
100
|
+
\[Do] ronin\-recon run 1\.1\.1\.1
|
101
|
+
.EE
|
102
|
+
.RE
|
103
|
+
.PP
|
104
|
+
Run the recon engine on an IP range:
|
105
|
+
.PP
|
106
|
+
.RS 4
|
107
|
+
.EX
|
108
|
+
\[Do] ronin\-recon run 1\.1\.1\.1\[sl]24
|
109
|
+
.EE
|
110
|
+
.RE
|
111
|
+
.PP
|
112
|
+
Run the recon engine on multiple targets:
|
113
|
+
.PP
|
114
|
+
.RS 4
|
115
|
+
.EX
|
116
|
+
\[Do] ronin\-recon run example1\.com example2\.com secret\.foo\.example1\.com \e
|
117
|
+
secret\.bar\.example2\.com 1\.1\.1\.1\[sl]24
|
118
|
+
.EE
|
119
|
+
.RE
|
120
|
+
.PP
|
121
|
+
Run the recon engine and ignore specific hosts, IPs, URLs, etc\.:
|
122
|
+
.PP
|
123
|
+
.RS 4
|
124
|
+
.EX
|
125
|
+
\[Do] ronin\-recon run \-\-ignore staging\.example\.com example\.com
|
126
|
+
.EE
|
127
|
+
.RE
|
128
|
+
.SH AUTHOR
|
129
|
+
.PP
|
130
|
+
Postmodern
|
131
|
+
.MT postmodern\.mod3\[at]gmail\.com
|
132
|
+
.ME
|
133
|
+
.SH SEE ALSO
|
134
|
+
.PP
|
135
|
+
.BR ronin\-recon\-workers (1)
|
136
|
+
.BR ronin\-recon\-worker (1)
|
137
|
+
.BR ronin\-recon\-test (1)
|
@@ -0,0 +1,115 @@
|
|
1
|
+
# ronin-recon-test 1 "2023-05-01" Ronin "User Manuals"
|
2
|
+
|
3
|
+
## NAME
|
4
|
+
|
5
|
+
ronin-recon-run - Runs the recon engine with one or more initial values
|
6
|
+
|
7
|
+
## SYNOPSIS
|
8
|
+
|
9
|
+
`ronin-recon run` [*options*] {*IP* \| *IP-range* \| *DOMAIN* \| *HOST* \| *WILDCARD* \| *WEBSITE*} ...
|
10
|
+
|
11
|
+
## DESCRIPTION
|
12
|
+
|
13
|
+
Runs the recon engine with one or more initial values.
|
14
|
+
|
15
|
+
## ARGUMENTS
|
16
|
+
|
17
|
+
*IP*
|
18
|
+
: An IP address to recon (ex: `192.168.1.1`).
|
19
|
+
|
20
|
+
*IP-range*
|
21
|
+
: A CIDR IP range to recon (ex: `192.168.1.0/24`).
|
22
|
+
|
23
|
+
*DOMAIN*
|
24
|
+
: A top-level domain name to recon (ex: `example.com`).
|
25
|
+
|
26
|
+
*HOST*
|
27
|
+
: A sub-domain to recon (ex: `www.example.com`).
|
28
|
+
|
29
|
+
*WILDCARD*
|
30
|
+
: A wildcard host name (ex: `*.example.com`).
|
31
|
+
|
32
|
+
*WEBSITE*
|
33
|
+
: A website base URL to recon (ex: `https://example.com`).
|
34
|
+
|
35
|
+
## OPTIONS
|
36
|
+
|
37
|
+
`-D`, `--debug`
|
38
|
+
: Enables debugging output.
|
39
|
+
|
40
|
+
`-C`, `--config-file` *FILE*
|
41
|
+
: Loads the `ronin-recon` configuration file. If not specified, then
|
42
|
+
`~/.config/ronin-recon/config.yml` will be loaded instead.
|
43
|
+
|
44
|
+
`-w`, `--worker` *WORKER*
|
45
|
+
: Explicitly uses the specified worker instead of the default set of workers.
|
46
|
+
|
47
|
+
`-e`, `--enable` *WORKER*
|
48
|
+
: Enables the worker in addition to the default set of workers.
|
49
|
+
|
50
|
+
`-d`, `--disable` *WORKER*
|
51
|
+
: Disables the worker from the default set of workers.
|
52
|
+
|
53
|
+
`--worker-file` *FILE*
|
54
|
+
: Loads a custom worker from the specified `.rb` file.
|
55
|
+
|
56
|
+
`-p`, `--param` *WORKER*`.`*NAME*`=`*VALUE*
|
57
|
+
: Sets a param value for the given worker.
|
58
|
+
|
59
|
+
`-c`, `--concurrency` *WORKER*`=`*NUM*
|
60
|
+
: Overrides the concurrency for the given worker.
|
61
|
+
|
62
|
+
`--max-depth` *NUM*
|
63
|
+
: The maximum recon depth. Defaults to depth of `3` if the option is not
|
64
|
+
specified.
|
65
|
+
|
66
|
+
`-o`, `--output` *FILE*
|
67
|
+
: The output file to write results to.
|
68
|
+
|
69
|
+
`-F`, `--output-format` `txt`\|`list`\|`csv`\|`json`\|`ndjson`\|`dot`\|`svg`\|`png`\|`pdf`
|
70
|
+
: The output format. If not specified, the output format will be inferred from
|
71
|
+
the `--output` *FILE* extension.
|
72
|
+
|
73
|
+
`--import`
|
74
|
+
: Imports each newly discovered value into the Ronin database.
|
75
|
+
|
76
|
+
`-I`, `--ignore` *VALUE*
|
77
|
+
: The value to ignore from the result.
|
78
|
+
|
79
|
+
`-h`, `--help`
|
80
|
+
: Print help information
|
81
|
+
|
82
|
+
## EXAMPLES
|
83
|
+
|
84
|
+
Run the recon engine on a single domain:
|
85
|
+
|
86
|
+
$ ronin-recon run example.com
|
87
|
+
|
88
|
+
Run the recon engine on a single host-name:
|
89
|
+
|
90
|
+
$ ronin-recon run www.example.com
|
91
|
+
|
92
|
+
Run the recon engine on a single IP address:
|
93
|
+
|
94
|
+
$ ronin-recon run 1.1.1.1
|
95
|
+
|
96
|
+
Run the recon engine on an IP range:
|
97
|
+
|
98
|
+
$ ronin-recon run 1.1.1.1/24
|
99
|
+
|
100
|
+
Run the recon engine on multiple targets:
|
101
|
+
|
102
|
+
$ ronin-recon run example1.com example2.com secret.foo.example1.com \
|
103
|
+
secret.bar.example2.com 1.1.1.1/24
|
104
|
+
|
105
|
+
Run the recon engine and ignore specific hosts, IPs, URLs, etc.:
|
106
|
+
|
107
|
+
$ ronin-recon run --ignore staging.example.com example.com
|
108
|
+
|
109
|
+
## AUTHOR
|
110
|
+
|
111
|
+
Postmodern <postmodern.mod3@gmail.com>
|
112
|
+
|
113
|
+
## SEE ALSO
|
114
|
+
|
115
|
+
[ronin-recon-workers](ronin-recon-workers.1.md) [ronin-recon-worker](ronin-recon-worker.1.md) [ronin-recon-test](ronin-recon-test.1.md)
|
@@ -0,0 +1,53 @@
|
|
1
|
+
.\" Generated by kramdown-man 1.0.1
|
2
|
+
.\" https://github.com/postmodern/kramdown-man#readme
|
3
|
+
.TH ronin-recon-test 1 "2023-05-01" Ronin "User Manuals"
|
4
|
+
.SH NAME
|
5
|
+
.PP
|
6
|
+
ronin\-recon\-test \- Loads an individual worker and tests it
|
7
|
+
.SH SYNOPSIS
|
8
|
+
.PP
|
9
|
+
\fBronin\-recon test\fR \[lB]\fIoptions\fP\[rB] \[lC]\fB\-\-file\fR \fIFILE\fP \[or] \fINAME\fP\[rC] \[lC]\fIIP\fP \[or] \fIIP\-range\fP \[or] \fIDOMAIN\fP \[or] \fIHOST\fP \[or] \fIWILDCARD\fP \[or] \fIWEBSITE\fP\[rC]
|
10
|
+
.SH DESCRIPTION
|
11
|
+
.PP
|
12
|
+
Loads an individual worker and tests it with an input value\.\.
|
13
|
+
.SH ARGUMENTS
|
14
|
+
.TP
|
15
|
+
\fINAME\fP
|
16
|
+
The name of the recon worker to load\.
|
17
|
+
.TP
|
18
|
+
\fIIP\fP
|
19
|
+
An IP address to recon (ex: \fB192\.168\.1\.1\fR)\.
|
20
|
+
.TP
|
21
|
+
\fIIP\-range\fP
|
22
|
+
A CIDR IP range to recon (ex: \fB192\.168\.1\.0\[sl]24\fR)\.
|
23
|
+
.TP
|
24
|
+
\fIDOMAIN\fP
|
25
|
+
A top\-level domain name to recon (ex: \fBexample\.com\fR)\.
|
26
|
+
.TP
|
27
|
+
\fIHOST\fP
|
28
|
+
A sub\-domain to recon (ex: \fBwww\.example\.com\fR)\.
|
29
|
+
.TP
|
30
|
+
\fIWILDCARD\fP
|
31
|
+
A wildcard host name (ex: \fB*\.example\.com\fR)\.
|
32
|
+
.TP
|
33
|
+
\fIWEBSITE\fP
|
34
|
+
A website base URL to recon (ex: \fBhttps:\[sl]\[sl]example\.com\fR)\.
|
35
|
+
.SH OPTIONS
|
36
|
+
.TP
|
37
|
+
\fB\-f\fR, \fB\-\-file\fR \fIFILE\fP
|
38
|
+
Optionally loads the recon worker from the file\.
|
39
|
+
.TP
|
40
|
+
\fB\-D\fR, \fB\-\-debug\fR
|
41
|
+
Enables debugging output\.
|
42
|
+
.TP
|
43
|
+
\fB\-h\fR, \fB\-\-help\fR
|
44
|
+
Print help information
|
45
|
+
.SH AUTHOR
|
46
|
+
.PP
|
47
|
+
Postmodern
|
48
|
+
.MT postmodern\.mod3\[at]gmail\.com
|
49
|
+
.ME
|
50
|
+
.SH SEE ALSO
|
51
|
+
.PP
|
52
|
+
.BR ronin\-recon\-workers (1)
|
53
|
+
.BR ronin\-recon\-run (1)
|
@@ -0,0 +1,55 @@
|
|
1
|
+
# ronin-recon-test 1 "2023-05-01" Ronin "User Manuals"
|
2
|
+
|
3
|
+
## NAME
|
4
|
+
|
5
|
+
ronin-recon-test - Loads an individual worker and tests it
|
6
|
+
|
7
|
+
## SYNOPSIS
|
8
|
+
|
9
|
+
`ronin-recon test` [*options*] {`--file` *FILE* \| *NAME*} {*IP* \| *IP-range* \| *DOMAIN* \| *HOST* \| *WILDCARD* \| *WEBSITE*}
|
10
|
+
|
11
|
+
## DESCRIPTION
|
12
|
+
|
13
|
+
Loads an individual worker and tests it with an input value..
|
14
|
+
|
15
|
+
## ARGUMENTS
|
16
|
+
|
17
|
+
*NAME*
|
18
|
+
: The name of the recon worker to load.
|
19
|
+
|
20
|
+
*IP*
|
21
|
+
: An IP address to recon (ex: `192.168.1.1`).
|
22
|
+
|
23
|
+
*IP-range*
|
24
|
+
: A CIDR IP range to recon (ex: `192.168.1.0/24`).
|
25
|
+
|
26
|
+
*DOMAIN*
|
27
|
+
: A top-level domain name to recon (ex: `example.com`).
|
28
|
+
|
29
|
+
*HOST*
|
30
|
+
: A sub-domain to recon (ex: `www.example.com`).
|
31
|
+
|
32
|
+
*WILDCARD*
|
33
|
+
: A wildcard host name (ex: `*.example.com`).
|
34
|
+
|
35
|
+
*WEBSITE*
|
36
|
+
: A website base URL to recon (ex: `https://example.com`).
|
37
|
+
|
38
|
+
## OPTIONS
|
39
|
+
|
40
|
+
`-f`, `--file` *FILE*
|
41
|
+
: Optionally loads the recon worker from the file.
|
42
|
+
|
43
|
+
`-D`, `--debug`
|
44
|
+
: Enables debugging output.
|
45
|
+
|
46
|
+
`-h`, `--help`
|
47
|
+
: Print help information
|
48
|
+
|
49
|
+
## AUTHOR
|
50
|
+
|
51
|
+
Postmodern <postmodern.mod3@gmail.com>
|
52
|
+
|
53
|
+
## SEE ALSO
|
54
|
+
|
55
|
+
[ronin-recon-workers](ronin-recon-workers.1.md) [ronin-recon-run](ronin-recon-run.1.md)
|
@@ -0,0 +1,32 @@
|
|
1
|
+
.\" Generated by kramdown-man 1.0.1
|
2
|
+
.\" https://github.com/postmodern/kramdown-man#readme
|
3
|
+
.TH ronin-recon-worker 1 "2023-05-01" Ronin "User Manuals"
|
4
|
+
.SH NAME
|
5
|
+
.PP
|
6
|
+
ronin\-recon\-worker \- Prints information about a recon worker
|
7
|
+
.SH SYNOPSIS
|
8
|
+
.PP
|
9
|
+
\fBronin\-recon worker\fR \[lB]\fIoptions\fP\[rB] \[lC]\fB\-\-file\fR \fIFILE\fP \[or] \fINAME\fP\[rC]
|
10
|
+
.SH DESCRIPTION
|
11
|
+
.PP
|
12
|
+
Prints information about a recon worker\.
|
13
|
+
.SH ARGUMENTS
|
14
|
+
.TP
|
15
|
+
\fINAME\fP
|
16
|
+
The name of the recon worker to load\.
|
17
|
+
.SH OPTIONS
|
18
|
+
.TP
|
19
|
+
\fB\-f\fR, \fB\-\-file\fR \fIFILE\fP
|
20
|
+
Optionally loads the recon worker from the file\.
|
21
|
+
.TP
|
22
|
+
\fB\-h\fR, \fB\-\-help\fR
|
23
|
+
Print help information
|
24
|
+
.SH AUTHOR
|
25
|
+
.PP
|
26
|
+
Postmodern
|
27
|
+
.MT postmodern\.mod3\[at]gmail\.com
|
28
|
+
.ME
|
29
|
+
.SH SEE ALSO
|
30
|
+
.PP
|
31
|
+
.BR ronin\-recon\-workers (1)
|
32
|
+
.BR ronin\-recon\-run (1)
|
@@ -0,0 +1,34 @@
|
|
1
|
+
# ronin-recon-worker 1 "2023-05-01" Ronin "User Manuals"
|
2
|
+
|
3
|
+
## NAME
|
4
|
+
|
5
|
+
ronin-recon-worker - Prints information about a recon worker
|
6
|
+
|
7
|
+
## SYNOPSIS
|
8
|
+
|
9
|
+
`ronin-recon worker` [*options*] {`--file` *FILE* \| *NAME*}
|
10
|
+
|
11
|
+
## DESCRIPTION
|
12
|
+
|
13
|
+
Prints information about a recon worker.
|
14
|
+
|
15
|
+
## ARGUMENTS
|
16
|
+
|
17
|
+
*NAME*
|
18
|
+
: The name of the recon worker to load.
|
19
|
+
|
20
|
+
## OPTIONS
|
21
|
+
|
22
|
+
`-f`, `--file` *FILE*
|
23
|
+
: Optionally loads the recon worker from the file.
|
24
|
+
|
25
|
+
`-h`, `--help`
|
26
|
+
: Print help information
|
27
|
+
|
28
|
+
## AUTHOR
|
29
|
+
|
30
|
+
Postmodern <postmodern.mod3@gmail.com>
|
31
|
+
|
32
|
+
## SEE ALSO
|
33
|
+
|
34
|
+
[ronin-recon-workers](ronin-recon-workers.1.md) [ronin-recon-run](ronin-recon-run.1.md)
|
@@ -0,0 +1,29 @@
|
|
1
|
+
.\" Generated by kramdown-man 1.0.1
|
2
|
+
.\" https://github.com/postmodern/kramdown-man#readme
|
3
|
+
.TH ronin-recon-workers 1 "2023-05-01" Ronin "User Manuals"
|
4
|
+
.SH NAME
|
5
|
+
.PP
|
6
|
+
ronin\-recon\-workers \- Lists the available recon workers
|
7
|
+
.SH SYNOPSIS
|
8
|
+
.PP
|
9
|
+
\fBronin\-recon workers\fR \[lB]\fIoptions\fP\[rB] \fIDIR\fP
|
10
|
+
.SH DESCRIPTION
|
11
|
+
.PP
|
12
|
+
Lists available recon workers\.
|
13
|
+
.SH ARGUMENTS
|
14
|
+
.TP
|
15
|
+
\fIDIR\fP
|
16
|
+
The optional directory to list workers from\.
|
17
|
+
.SH OPTIONS
|
18
|
+
.TP
|
19
|
+
\fB\-h\fR, \fB\-\-help\fR
|
20
|
+
Print help information
|
21
|
+
.SH AUTHOR
|
22
|
+
.PP
|
23
|
+
Postmodern
|
24
|
+
.MT postmodern\.mod3\[at]gmail\.com
|
25
|
+
.ME
|
26
|
+
.SH SEE ALSO
|
27
|
+
.PP
|
28
|
+
.BR ronin\-recon\-worker (1)
|
29
|
+
.BR ronin\-recon\-run (1)
|
@@ -0,0 +1,31 @@
|
|
1
|
+
# ronin-recon-workers 1 "2023-05-01" Ronin "User Manuals"
|
2
|
+
|
3
|
+
## NAME
|
4
|
+
|
5
|
+
ronin-recon-workers - Lists the available recon workers
|
6
|
+
|
7
|
+
## SYNOPSIS
|
8
|
+
|
9
|
+
`ronin-recon workers` [*options*] *DIR*
|
10
|
+
|
11
|
+
## DESCRIPTION
|
12
|
+
|
13
|
+
Lists available recon workers.
|
14
|
+
|
15
|
+
## ARGUMENTS
|
16
|
+
|
17
|
+
*DIR*
|
18
|
+
: The optional directory to list workers from.
|
19
|
+
|
20
|
+
## OPTIONS
|
21
|
+
|
22
|
+
`-h`, `--help`
|
23
|
+
: Print help information
|
24
|
+
|
25
|
+
## AUTHOR
|
26
|
+
|
27
|
+
Postmodern <postmodern.mod3@gmail.com>
|
28
|
+
|
29
|
+
## SEE ALSO
|
30
|
+
|
31
|
+
[ronin-recon-worker](ronin-recon-worker.1.md) [ronin-recon-run](ronin-recon-run.1.md)
|
data/man/ronin-recon.1
ADDED
@@ -0,0 +1,57 @@
|
|
1
|
+
.\" Generated by kramdown-man 1.0.1
|
2
|
+
.\" https://github.com/postmodern/kramdown-man#readme
|
3
|
+
.TH ronin-recon 1 "2024-01-01" Ronin Recon "User Manuals"
|
4
|
+
.SH NAME
|
5
|
+
.PP
|
6
|
+
ronin\-recon \- A micro\-framework and tool for performing reconnaissance\.
|
7
|
+
.SH SYNOPSIS
|
8
|
+
.PP
|
9
|
+
\fBronin\-recon\fR \[lB]\fIoptions\fP\[rB] \[lB]\fICOMMAND\fP \[lB]\.\.\.\[rB]\[rB]
|
10
|
+
.SH DESCRIPTION
|
11
|
+
.PP
|
12
|
+
Runs a \fBronin\-recon\fR \fICOMMAND\fP\.
|
13
|
+
.SH ARGUMENTS
|
14
|
+
.TP
|
15
|
+
\fICOMMAND\fP
|
16
|
+
The \fBronin\-recon\fR command to execute\.
|
17
|
+
.SH OPTIONS
|
18
|
+
.TP
|
19
|
+
\fB\-V\fR, \fB\-\-version\fR
|
20
|
+
Prints the \fBronin\-recon\fR version and exits\.
|
21
|
+
.TP
|
22
|
+
\fB\-h\fR, \fB\-\-help\fR
|
23
|
+
Print help information
|
24
|
+
.SH COMMANDS
|
25
|
+
.TP
|
26
|
+
\fIcompletion\fP
|
27
|
+
Manages the shell completion rules for \fBronin\-recon\fR\.
|
28
|
+
.TP
|
29
|
+
\fIhelp\fP
|
30
|
+
Lists available commands or shows help about a specific command\.
|
31
|
+
.TP
|
32
|
+
\fIirb\fP
|
33
|
+
Starts an interactive Ruby shell with ronin\-recon loaded\.
|
34
|
+
.TP
|
35
|
+
\fInew\fP
|
36
|
+
Creates a new recon worker file\.
|
37
|
+
.TP
|
38
|
+
\fItest\fP
|
39
|
+
Loads an individual worker and tests it\.
|
40
|
+
.TP
|
41
|
+
\fIworker\fP
|
42
|
+
Prints information about a recon worker\.
|
43
|
+
.TP
|
44
|
+
\fIworkers\fP
|
45
|
+
Lists the available recon workers\.
|
46
|
+
.SH AUTHOR
|
47
|
+
.PP
|
48
|
+
Postmodern
|
49
|
+
.MT postmodern\.mod3\[at]gmail\.com
|
50
|
+
.ME
|
51
|
+
.SH SEE ALSO
|
52
|
+
.PP
|
53
|
+
.BR ronin\-recon\-completion (1)
|
54
|
+
.BR ronin\-recon\-new (1)
|
55
|
+
.BR ronin\-recon\-test (1)
|
56
|
+
.BR ronin\-recon\-worker (1)
|
57
|
+
.BR ronin\-recon\-workers (1)
|