ronin-recon 0.1.0.rc1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 1a9c5f1341f2119335b680ceb29bed06bafa19a74664bacf71d4385ec2b517cb
+  data.tar.gz: b0ba0ddde38138cb220ba5dc8b6a31005811622086b37ed51a1de5a3f80cc717
+SHA512:
+  metadata.gz: 9d6dac836e0943da2c2dc1478ce4bc557328811c4a9c4edb035462aaae0cfe3827f8b40acb7863a0ea61060c7f110a934e3f58ed5658decc776595064be664ba
+  data.tar.gz: 13e2d6e10d7c38e70af52a616cc64f07b794d29535d80195d25e33c2e7f04430ef35964c557bcbfc65ac29177fde916141dc9f25fab261535ea590fc38498cd3

data/.document

@@ -0,0 +1,4 @@
+lib/**/*.rb
+- 
+ChangeLog.md
+COPYING.txt

data/.github/workflows/ruby.yml

@@ -0,0 +1,46 @@
+name: CI
+
+on: [ push, pull_request ]
+
+jobs:
+  tests:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        ruby:
+          - '3.1'
+          - '3.2'
+          - '3.3'
+          # - jruby
+          # - truffleruby
+    name: Ruby ${{ matrix.ruby }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler-cache: true
+      - name: Install dependencies
+        run: |
+          sudo apt update -y && \
+          sudo apt install -y --no-install-recommends --no-install-suggests graphviz
+      - name: Install dependencies
+        run: bundle install --jobs 4 --retry 3
+      - name: Run tests
+        run: bundle exec rake test
+
+  # rubocop linting
+  rubocop:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 3.0
+      - name: Install dependencies
+        run: bundle install --jobs 4 --retry 3
+      - name: Run rubocop
+        run: bundle exec rubocop --parallel

data/.gitignore

@@ -0,0 +1,20 @@
+/coverage
+/data/completions/ronin-recon
+/doc
+/pkg
+/man/*.[1-9]
+/vendor/bundle
+/Gemfile.lock
+/.bundle
+/.yardoc
+.DS_Store
+*.db
+*.log
+*.swp
+*~
+/*.txt
+/*.csv
+/*.xml
+/*.dot
+/*.svg
+/data/wordlists

data/.rspec

@@ -0,0 +1 @@
+--colour --format documentation

data/.rubocop.yml

@@ -0,0 +1,44 @@
+AllCops:
+  NewCops: enable
+  SuggestExtensions: false
+  TargetRubyVersion: 3.1
+
+inherit_gem:
+  rubocop-ronin: rubocop.yml
+
+#
+# ronin-recon specific exceptions
+#
+
+# Empty classes
+Lint/EmptyClass:
+  Exclude:
+    - 'lib/ronin/recon/value.rb'
+    - 'lib/ronin/recon/message/shutdown.rb'
+
+# Allow Value classes to not call super() in their initialize
+Lint/MissingSuper:
+  Exclude:
+    - 'lib/ronin/recon/values/*.rb'
+
+# Worker#initialize exists for documentation purposes
+Lint/UselessMethodDefinition:
+  Exclude:
+    - 'lib/ronin/recon/worker.rb'
+
+# until is better suited for waiting until the Engine is "empty"
+Style/WhileUntilModifier:
+  Exclude:
+    - 'lib/ronin/recon/engine.rb'
+
+# the Values #=== methods need to compare the other value's class
+Style/ClassEqualityComparison:
+  Exclude:
+    - 'lib/ronin/recon/values/*.rb'
+
+# must use #=== to compare values
+Style/CaseEquality:
+  Exclude:
+    - 'lib/ronin/recon/scope.rb'
+    - 'lib/ronin/recon/values/ip_range.rb'
+    - 'spec/**/*_spec.rb'

data/.ruby-version

@@ -0,0 +1 @@
+ruby-3.1

data/.yardopts

@@ -0,0 +1 @@
+--markup markdown --title 'Ronin::Recon Documentation' --protected

data/COPYING.txt

@@ -0,0 +1,165 @@
+                   GNU LESSER GENERAL PUBLIC LICENSE
+                       Version 3, 29 June 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+
+  This version of the GNU Lesser General Public License incorporates
+the terms and conditions of version 3 of the GNU General Public
+License, supplemented by the additional permissions listed below.
+
+  0. Additional Definitions.
+
+  As used herein, "this License" refers to version 3 of the GNU Lesser
+General Public License, and the "GNU GPL" refers to version 3 of the GNU
+General Public License.
+
+  "The Library" refers to a covered work governed by this License,
+other than an Application or a Combined Work as defined below.
+
+  An "Application" is any work that makes use of an interface provided
+by the Library, but which is not otherwise based on the Library.
+Defining a subclass of a class defined by the Library is deemed a mode
+of using an interface provided by the Library.
+
+  A "Combined Work" is a work produced by combining or linking an
+Application with the Library.  The particular version of the Library
+with which the Combined Work was made is also called the "Linked
+Version".
+
+  The "Minimal Corresponding Source" for a Combined Work means the
+Corresponding Source for the Combined Work, excluding any source code
+for portions of the Combined Work that, considered in isolation, are
+based on the Application, and not on the Linked Version.
+
+  The "Corresponding Application Code" for a Combined Work means the
+object code and/or source code for the Application, including any data
+and utility programs needed for reproducing the Combined Work from the
+Application, but excluding the System Libraries of the Combined Work.
+
+  1. Exception to Section 3 of the GNU GPL.
+
+  You may convey a covered work under sections 3 and 4 of this License
+without being bound by section 3 of the GNU GPL.
+
+  2. Conveying Modified Versions.
+
+  If you modify a copy of the Library, and, in your modifications, a
+facility refers to a function or data to be supplied by an Application
+that uses the facility (other than as an argument passed when the
+facility is invoked), then you may convey a copy of the modified
+version:
+
+   a) under this License, provided that you make a good faith effort to
+   ensure that, in the event an Application does not supply the
+   function or data, the facility still operates, and performs
+   whatever part of its purpose remains meaningful, or
+
+   b) under the GNU GPL, with none of the additional permissions of
+   this License applicable to that copy.
+
+  3. Object Code Incorporating Material from Library Header Files.
+
+  The object code form of an Application may incorporate material from
+a header file that is part of the Library.  You may convey such object
+code under terms of your choice, provided that, if the incorporated
+material is not limited to numerical parameters, data structure
+layouts and accessors, or small macros, inline functions and templates
+(ten or fewer lines in length), you do both of the following:
+
+   a) Give prominent notice with each copy of the object code that the
+   Library is used in it and that the Library and its use are
+   covered by this License.
+
+   b) Accompany the object code with a copy of the GNU GPL and this license
+   document.
+
+  4. Combined Works.
+
+  You may convey a Combined Work under terms of your choice that,
+taken together, effectively do not restrict modification of the
+portions of the Library contained in the Combined Work and reverse
+engineering for debugging such modifications, if you also do each of
+the following:
+
+   a) Give prominent notice with each copy of the Combined Work that
+   the Library is used in it and that the Library and its use are
+   covered by this License.
+
+   b) Accompany the Combined Work with a copy of the GNU GPL and this license
+   document.
+
+   c) For a Combined Work that displays copyright notices during
+   execution, include the copyright notice for the Library among
+   these notices, as well as a reference directing the user to the
+   copies of the GNU GPL and this license document.
+
+   d) Do one of the following:
+
+       0) Convey the Minimal Corresponding Source under the terms of this
+       License, and the Corresponding Application Code in a form
+       suitable for, and under terms that permit, the user to
+       recombine or relink the Application with a modified version of
+       the Linked Version to produce a modified Combined Work, in the
+       manner specified by section 6 of the GNU GPL for conveying
+       Corresponding Source.
+
+       1) Use a suitable shared library mechanism for linking with the
+       Library.  A suitable mechanism is one that (a) uses at run time
+       a copy of the Library already present on the user's computer
+       system, and (b) will operate properly with a modified version
+       of the Library that is interface-compatible with the Linked
+       Version.
+
+   e) Provide Installation Information, but only if you would otherwise
+   be required to provide such information under section 6 of the
+   GNU GPL, and only to the extent that such information is
+   necessary to install and execute a modified version of the
+   Combined Work produced by recombining or relinking the
+   Application with a modified version of the Linked Version. (If
+   you use option 4d0, the Installation Information must accompany
+   the Minimal Corresponding Source and Corresponding Application
+   Code. If you use option 4d1, you must provide the Installation
+   Information in the manner specified by section 6 of the GNU GPL
+   for conveying Corresponding Source.)
+
+  5. Combined Libraries.
+
+  You may place library facilities that are a work based on the
+Library side by side in a single library together with other library
+facilities that are not Applications and are not covered by this
+License, and convey such a combined library under terms of your
+choice, if you do both of the following:
+
+   a) Accompany the combined library with a copy of the same work based
+   on the Library, uncombined with any other library facilities,
+   conveyed under the terms of this License.
+
+   b) Give prominent notice with the combined library that part of it
+   is a work based on the Library, and explaining where to find the
+   accompanying uncombined form of the same work.
+
+  6. Revised Versions of the GNU Lesser General Public License.
+
+  The Free Software Foundation may publish revised and/or new versions
+of the GNU Lesser General Public License from time to time. Such new
+versions will be similar in spirit to the present version, but may
+differ in detail to address new problems or concerns.
+
+  Each version is given a distinguishing version number. If the
+Library as you received it specifies that a certain numbered version
+of the GNU Lesser General Public License "or any later version"
+applies to it, you have the option of following the terms and
+conditions either of that published version or of any later version
+published by the Free Software Foundation. If the Library as you
+received it does not specify a version number of the GNU Lesser
+General Public License, you may choose any version of the GNU Lesser
+General Public License ever published by the Free Software Foundation.
+
+  If the Library as you received it specifies that a proxy can decide
+whether future versions of the GNU Lesser General Public License shall
+apply, that proxy's public statement of acceptance of any version is
+permanent authorization for you to choose that version for the
+Library.

data/ChangeLog.md

@@ -0,0 +1,36 @@
+### 0.1.0 / 2024-XX-XX
+
+* Initial release:
+  * Uses asynchronous I/O and fibers.
+  * Supports defining recon modules as plain old Ruby class.
+  * Provides built-in recon workers for:
+    * IP range enumeration.
+    * DNS lookup of host-names.
+    * Querying nameservers.
+    * Querying mailservers.
+    * DNS reverse lookup of IP addresses.
+    * DNS SRV record enumeration.
+    * DNS subdomain enumeration.
+    * Service/port scanning with `nmap`.
+    * Enumerates the Common Name (`CN`) and `subjectAltName`s within all SSL/TLS
+      certificates.
+    * Web spidering.
+    * HTTP directory enumeration.
+  * Supports loading additional recon modules from Ruby files or from installed
+    [3rd-party git repositories][ronin-repos].
+  * Builds a network graph of all discovered assets.
+  * Provides a simple CLI for listing workers or performing recon.
+  * Supports many different output file formats:
+    * TXT
+    * CSV
+    * JSON
+    * [NDJSON](http://ndjson.org/)
+    * [GraphViz][graphviz]
+      * DOT
+      * SVG
+      * PNG
+      * PDF
+  * Supports automatically saving recon results into [ronin-db].
+
+[graphviz]: https://graphviz.org/
+[ronin-repos]: https://github.com/ronin-rb/ronin-repos#readme

data/Gemfile

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
+
+gemspec
+
+platform :jruby do
+  gem 'jruby-openssl', '~> 0.7'
+end
+
+# gem 'wordlist', '~> 1.0', github: 'postmodern/wordlist',
+#                           branch: 'main'
+
+# Ronin dependencies
+# gem 'ronin-support',  '~> 1.1', github: 'ronin-rb/ronin-support',
+#                                 branch: 'main'
+
+# gem 'ronin-core', '~> 0.2', github: 'ronin-rb/ronin-core',
+#                             branch: 'main'
+
+# gem 'ronin-repos',    '~> 0.1', github: 'ronin-rb/ronin-repos',
+#                                 branch: 'main'
+
+# gem 'ronin-db-activerecord', '~> 0.2', github: 'ronin-rb/ronin-db-activerecord',
+#                                        branch: 'main'
+
+# gem 'ronin-db',      '~> 0.2', github: 'ronin-rb/ronin-db',
+#                                branch: 'main'
+
+# gem 'ronin-masscan', '~> 0.1', github: 'ronin-rb/ronin-masscan',
+#                                branch: 'main'
+
+# gem 'ronin-nmap',    '~> 0.1', github: 'ronin-rb/ronin-nmap',
+#                                branch: 'main'
+
+# gem 'ronin-web-spider',  '~> 0.2', github: 'ronin-rb/ronin-web-spider',
+#                                    branch: 'main'
+
+group :development do
+  gem 'rake'
+  gem 'rubygems-tasks',   '~> 0.2'
+
+  gem 'rspec',            '~> 3.0'
+  gem 'simplecov',        '~> 0.20'
+  gem 'sinatra',          '~> 3.0'
+  gem 'webmock',          '~> 3.0'
+
+  gem 'kramdown',         '~> 2.0'
+  gem 'kramdown-man',     '~> 1.0'
+
+  gem 'redcarpet',        platform: :mri
+  gem 'yard',             '~> 0.9'
+  gem 'yard-spellcheck',  require: false
+
+  gem 'dead_end',         require: false
+  gem 'sord',             require: false, platform: :mri
+  gem 'stackprof',        require: false, platform: :mri
+  gem 'rubocop',          require: false, platform: :mri
+  gem 'rubocop-ronin',    require: false, platform: :mri
+
+  gem 'command_kit-completion', '~> 0.2', require: false
+end