ronin-web 1.0.2 → 2.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/ruby.yml +3 -2
- data/.gitignore +1 -0
- data/.rubocop.yml +5 -0
- data/.ruby-version +1 -1
- data/ChangeLog.md +46 -1
- data/Gemfile +25 -12
- data/README.md +257 -51
- data/Rakefile +9 -0
- data/data/completions/ronin-web +203 -0
- data/gemspec.yml +18 -5
- data/lib/ronin/web/cli/browser_options.rb +92 -0
- data/lib/ronin/web/cli/browser_shell.rb +448 -0
- data/lib/ronin/web/cli/command.rb +1 -1
- data/lib/ronin/web/cli/commands/browser.rb +373 -0
- data/lib/ronin/web/cli/commands/completion.rb +63 -0
- data/lib/ronin/web/cli/commands/diff.rb +60 -8
- data/lib/ronin/web/cli/commands/html.rb +21 -33
- data/lib/ronin/web/cli/commands/irb.rb +1 -1
- data/lib/ronin/web/cli/commands/new/{webapp.rb → app.rb} +8 -8
- data/lib/ronin/web/cli/commands/new/nokogiri.rb +4 -4
- data/lib/ronin/web/cli/commands/new/server.rb +1 -1
- data/lib/ronin/web/cli/commands/new/spider.rb +1 -1
- data/lib/ronin/web/cli/commands/new.rb +5 -3
- data/lib/ronin/web/cli/commands/reverse_proxy.rb +1 -1
- data/lib/ronin/web/cli/commands/screenshot.rb +186 -0
- data/lib/ronin/web/cli/commands/server.rb +1 -1
- data/lib/ronin/web/cli/commands/session_cookie.rb +265 -0
- data/lib/ronin/web/cli/commands/spider.rb +61 -467
- data/lib/ronin/web/cli/commands/user_agent.rb +177 -0
- data/lib/ronin/web/cli/commands/vulns.rb +463 -0
- data/lib/ronin/web/cli/commands/wordlist.rb +484 -0
- data/lib/ronin/web/cli/commands/xml.rb +149 -0
- data/lib/ronin/web/cli/js_shell.rb +69 -0
- data/lib/ronin/web/cli/ruby_shell.rb +1 -1
- data/lib/ronin/web/cli/spider_options.rb +919 -0
- data/lib/ronin/web/cli.rb +3 -1
- data/lib/ronin/web/html.rb +1 -1
- data/lib/ronin/web/root.rb +1 -1
- data/lib/ronin/web/version.rb +2 -2
- data/lib/ronin/web/xml.rb +1 -1
- data/lib/ronin/web.rb +4 -364
- data/man/ronin-web-browser.1 +92 -0
- data/man/ronin-web-browser.1.md +96 -0
- data/man/ronin-web-completion.1 +76 -0
- data/man/ronin-web-completion.1.md +78 -0
- data/man/ronin-web-diff.1 +14 -21
- data/man/ronin-web-diff.1.md +13 -6
- data/man/ronin-web-html.1 +30 -46
- data/man/ronin-web-html.1.md +27 -17
- data/man/ronin-web-irb.1 +9 -16
- data/man/ronin-web-irb.1.md +6 -2
- data/man/ronin-web-new-app.1.md +39 -0
- data/man/ronin-web-new-nokogiri.1 +9 -20
- data/man/ronin-web-new-nokogiri.1.md +5 -5
- data/man/ronin-web-new-server.1 +11 -23
- data/man/ronin-web-new-server.1.md +5 -5
- data/man/ronin-web-new-spider.1 +44 -88
- data/man/ronin-web-new-spider.1.md +37 -37
- data/man/ronin-web-new.1 +18 -30
- data/man/ronin-web-new.1.md +15 -11
- data/man/ronin-web-reverse-proxy.1 +33 -38
- data/man/ronin-web-reverse-proxy.1.md +20 -14
- data/man/ronin-web-screenshot.1 +56 -0
- data/man/ronin-web-screenshot.1.md +56 -0
- data/man/ronin-web-server.1 +15 -29
- data/man/ronin-web-server.1.md +13 -9
- data/man/ronin-web-session-cookie.1 +38 -0
- data/man/ronin-web-session-cookie.1.md +41 -0
- data/man/ronin-web-spider.1 +121 -130
- data/man/ronin-web-spider.1.md +115 -66
- data/man/ronin-web-user-agent.1 +44 -0
- data/man/ronin-web-user-agent.1.md +46 -0
- data/man/ronin-web-vulns.1 +175 -0
- data/man/ronin-web-vulns.1.md +177 -0
- data/man/ronin-web-wordlist.1 +258 -0
- data/man/ronin-web-wordlist.1.md +263 -0
- data/man/ronin-web-xml.1 +43 -0
- data/man/ronin-web-xml.1.md +46 -0
- data/man/ronin-web.1 +67 -18
- data/man/ronin-web.1.md +55 -4
- data/scripts/setup +58 -0
- metadata +121 -30
- data/lib/ronin/web/mechanize.rb +0 -84
- data/man/ronin-web-new-webapp.1.md +0 -39
- /data/data/new/{webapp → app}/.gitignore +0 -0
- /data/data/new/{webapp → app}/.ruby-version.erb +0 -0
- /data/data/new/{webapp → app}/Dockerfile.erb +0 -0
- /data/data/new/{webapp → app}/Gemfile +0 -0
- /data/data/new/{webapp → app}/app.rb.erb +0 -0
- /data/data/new/{webapp → app}/config.ru +0 -0
- /data/data/new/{webapp → app}/docker-compose.yml.erb +0 -0
@@ -0,0 +1,46 @@
|
|
1
|
+
# ronin-web-user-agent 1 "2023-03-01" Ronin "User Manuals"
|
2
|
+
|
3
|
+
## NAME
|
4
|
+
|
5
|
+
ronin-web-user-agent - Generates a random User-Agent string
|
6
|
+
|
7
|
+
## SYNOPSIS
|
8
|
+
|
9
|
+
`ronin-web user-agent` [*options*]
|
10
|
+
|
11
|
+
## DESCRIPTION
|
12
|
+
|
13
|
+
Generates a random HTTP `User-Agent` string.
|
14
|
+
|
15
|
+
## OPTIONS
|
16
|
+
|
17
|
+
`-B`, `--browser` `chrome`\|`firefox`
|
18
|
+
: Selects the desired browser type for the `User-Agent` string.
|
19
|
+
|
20
|
+
`--chrome-version` *VERSION*
|
21
|
+
: Sets desired Chrome version. Only takes effect when `--browser chrome` is also
|
22
|
+
given.
|
23
|
+
|
24
|
+
`--firefox-version` *VERSION*
|
25
|
+
: Sets desired Firefox version. Only takes effect when `--browser chrome` is
|
26
|
+
also given.
|
27
|
+
|
28
|
+
`-D`, `--linux-distro` `ubuntu`\|`fedora`\|`arch`\|`DISTRO`
|
29
|
+
: Selects the desired Linux distro.
|
30
|
+
|
31
|
+
`-A`, `--arch` `x86-64`\|`x86`\|`i686`\|`aarch64`\|`arm64`\|`arm`
|
32
|
+
: Selects the desired architecture.
|
33
|
+
|
34
|
+
`-O`, `--os` `android`\|`linux`\|`windows`
|
35
|
+
: Selects the desired OS.
|
36
|
+
|
37
|
+
`--os-version` *VERSION*
|
38
|
+
: Sets the desired OS version.
|
39
|
+
|
40
|
+
`-h`, `--help`
|
41
|
+
: Print help information.
|
42
|
+
|
43
|
+
## AUTHOR
|
44
|
+
|
45
|
+
Postmodern <postmodern.mod3@gmail.com>
|
46
|
+
|
@@ -0,0 +1,175 @@
|
|
1
|
+
.\" Generated by kramdown-man 1.0.1
|
2
|
+
.\" https://github.com/postmodern/kramdown-man#readme
|
3
|
+
.TH ronin-web-spider 1 "2022-01-01" Ronin Web "User Manuals"
|
4
|
+
.SH SYNOPSIS
|
5
|
+
.PP
|
6
|
+
\fBronin\-web spider\fR \[lB]\fIoptions\fP\[rB] \[lC]\fB\-\-host\fR \fIHOST\fP \[or] \fB\-\-domain\fR \fIDOMAIN\fP \[or] \fB\-\-site\fR \fIURL\fP\[rC]
|
7
|
+
.SH DESCRIPTION
|
8
|
+
.PP
|
9
|
+
Spiders a website and tests every URL for web vulnerabilities\.
|
10
|
+
.SH OPTIONS
|
11
|
+
.PP
|
12
|
+
\fB\-\-host\fR \fIHOST\fP
|
13
|
+
Spiders the specific \fIHOST\fP\.
|
14
|
+
.PP
|
15
|
+
\fB\-\-domain\fR \fIDOMAIN\fP
|
16
|
+
Spiders the whole \fIDOMAIN\fP\.
|
17
|
+
.PP
|
18
|
+
\fB\-\-site\fR \fIURL\fP
|
19
|
+
Spiders the website, starting at the \fIURL\fP\.
|
20
|
+
.PP
|
21
|
+
\fB\-\-open\-timeout\fR \fISECS\fP
|
22
|
+
Sets the connection open timeout\.
|
23
|
+
.PP
|
24
|
+
\fB\-\-read\-timeout\fR \fISECS\fP
|
25
|
+
Sets the read timeout\.
|
26
|
+
.PP
|
27
|
+
\fB\-\-ssl\-timeout\fR \fISECS\fP
|
28
|
+
Sets the SSL connection timeout\.
|
29
|
+
.PP
|
30
|
+
\fB\-\-continue\-timeout\fR \fISECS\fP
|
31
|
+
Sets the continue timeout\.
|
32
|
+
.PP
|
33
|
+
\fB\-\-keep\-alive\-timeout\fR \fISECS\fP
|
34
|
+
Sets the connection keep alive timeout\.
|
35
|
+
.PP
|
36
|
+
\fB\-P\fR, \fB\-\-proxy\fR \fIPROXY\fP
|
37
|
+
Sets the proxy to use\.
|
38
|
+
.PP
|
39
|
+
\fB\-H\fR, \fB\-\-header\fR \[lq]\fINAME\fP: \fIVALUE\fP\[rq]
|
40
|
+
Sets a default header\.
|
41
|
+
.PP
|
42
|
+
\fB\-\-host\-header\fR \fINAME\fP\[eq]\fIVALUE\fP
|
43
|
+
Sets a default header\.
|
44
|
+
.PP
|
45
|
+
\fB\-u\fR, \fB\-\-user\-agent\fR chrome\-linux\[or]chrome\-macos\[or]chrome\-windows\[or]chrome\-iphone\[or]chrome\-ipad\[or]chrome\-android\[or]firefox\-linux\[or]firefox\-macos\[or]firefox\-windows\[or]firefox\-iphone\[or]firefox\-ipad\[or]firefox\-android\[or]safari\-macos\[or]safari\-iphone\[or]safari\-ipad\[or]edge
|
46
|
+
The \fBUser\-Agent\fR to use\.
|
47
|
+
.PP
|
48
|
+
\fB\-U\fR, \fB\-\-user\-agent\-string\fR \fISTRING\fP
|
49
|
+
The raw \fBUser\-Agent\fR string to use\.
|
50
|
+
.PP
|
51
|
+
\fB\-R\fR, \fB\-\-referer\fR \fIURL\fP
|
52
|
+
Sets the \fBReferer\fR URL\.
|
53
|
+
.PP
|
54
|
+
\fB\-\-delay\fR \fISECS\fP
|
55
|
+
Sets the delay in seconds between each request\.
|
56
|
+
.PP
|
57
|
+
\fB\-l\fR, \fB\-\-limit\fR \fICOUNT\fP
|
58
|
+
Only spiders up to \fICOUNT\fP pages\.
|
59
|
+
.PP
|
60
|
+
\fB\-d\fR, \fB\-\-max\-depth\fR \fIDEPTH\fP
|
61
|
+
Only spiders up to max depth\.
|
62
|
+
.PP
|
63
|
+
\fB\-\-enqueue\fR \fIURL\fP
|
64
|
+
Adds the URL to the queue\.
|
65
|
+
.PP
|
66
|
+
\fB\-\-visited\fR \fIURL\fP
|
67
|
+
Marks the URL as previously visited\.
|
68
|
+
.PP
|
69
|
+
\fB\-\-strip\-fragments\fR
|
70
|
+
Enables\[sl]disables stripping the fragment component of every URL\.
|
71
|
+
.PP
|
72
|
+
\fB\-\-strip\-query\fR
|
73
|
+
Enables\[sl]disables stripping the query component of every URL\.
|
74
|
+
.PP
|
75
|
+
\fB\-\-visit\-host\fR \fIHOST\fP
|
76
|
+
Visit URLs with the matching host name\.
|
77
|
+
.PP
|
78
|
+
\fB\-\-visit\-hosts\-like\fR \fB\[sl]\fR\fIREGEX\fP\fB\[sl]\fR
|
79
|
+
Visit URLs with hostnames that match the \fIREGEX\fP\.
|
80
|
+
.PP
|
81
|
+
\fB\-\-ignore\-host\fR \fIHOST\fP
|
82
|
+
Ignore the host name\.
|
83
|
+
.PP
|
84
|
+
\fB\-\-ignore\-hosts\-like\fR \fB\[sl]\fR\fIREGEX\fP\fB\[sl]\fR
|
85
|
+
Ignore the host names matching the \fIREGEX\fP\.
|
86
|
+
.PP
|
87
|
+
\fB\-\-visit\-port\fR \fIPORT\fP
|
88
|
+
Visit URLs with the matching port number\.
|
89
|
+
.PP
|
90
|
+
\fB\-\-visit\-ports\-like\fR \fB\[sl]\fR\fIREGEX\fP\fB\[sl]\fR
|
91
|
+
Visit URLs with port numbers that match the \fIREGEX\fP\.
|
92
|
+
.PP
|
93
|
+
\fB\-\-ignore\-port\fR \fIPORT\fP
|
94
|
+
Ignore the port number\.
|
95
|
+
.PP
|
96
|
+
\fB\-\-ignore\-ports\-like\fR \fB\[sl]\fR\fIREGEX\fP\fB\[sl]\fR
|
97
|
+
Ignore the port numbers matching the \fIREGEXP\fP\.
|
98
|
+
.PP
|
99
|
+
\fB\-\-visit\-link\fR \fIURL\fP
|
100
|
+
Visit the \fIURL\fP\.
|
101
|
+
.PP
|
102
|
+
\fB\-\-visit\-links\-like\fR \fB\[sl]\fR\fIREGEX\fP\fB\[sl]\fR
|
103
|
+
Visit URLs that match the \fIREGEX\fP\.
|
104
|
+
.PP
|
105
|
+
\fB\-\-ignore\-link\fR \fIURL\fP
|
106
|
+
Ignore the \fIURL\fP\.
|
107
|
+
.PP
|
108
|
+
\fB\-\-ignore\-links\-like\fR \fB\[sl]\fR\fIREGEX\fP\fB\[sl]\fR
|
109
|
+
Ignore URLs matching the \fIREGEX\fP\.
|
110
|
+
.PP
|
111
|
+
\fB\-\-visit\-ext\fR \fIFILE\[ru]EXT\fP
|
112
|
+
Visit URLs with the matching file ext\.
|
113
|
+
.PP
|
114
|
+
\fB\-\-visit\-exts\-like\fR \fB\[sl]\fR\fIREGEX\fP\fB\[sl]\fR
|
115
|
+
Visit URLs with file exts that match the \fIREGEX\fP\.
|
116
|
+
.PP
|
117
|
+
\fB\-\-ignore\-ext\fR \fIFILE\[ru]EXT\fP
|
118
|
+
Ignore the URLs with the file ext\.
|
119
|
+
.PP
|
120
|
+
\fB\-\-ignore\-exts\-like\fR \fB\[sl]\fR\fIREGEX\fP\fB\[sl]\fR
|
121
|
+
Ignore URLs with file exts matching the REGEX\.
|
122
|
+
.PP
|
123
|
+
\fB\-r\fR, \fB\-\-robots\fR
|
124
|
+
Specifies whether to honor \fBrobots\.txt\fR\.
|
125
|
+
.TP
|
126
|
+
\fB\-\-lfi\-os\fR \fBunix\fR\[or]\fBwindows\fR
|
127
|
+
Sets the OS to test for\.
|
128
|
+
.TP
|
129
|
+
\fB\-\-lfi\-depth\fR \fINUM\fP
|
130
|
+
Sets the directory depth to escape up\.
|
131
|
+
.TP
|
132
|
+
\fB\-\-lfi\-filter\-bypass\fR \fBnull\-byte\fR\[or]\fBdouble\-escape\fR\[or]\fBbase64\fR\[or]\fBrot13\fR\[or]\fBzlib\fR
|
133
|
+
Sets the filter bypass strategy to use\.
|
134
|
+
.TP
|
135
|
+
\fB\-\-rfi\-filter\-bypass\fR \fBdouble\-encode\fR\[or]\fBsuffix\-escape\fR\[or]\fBnull\-byte\fR
|
136
|
+
Optional filter\-bypass strategy to use\.
|
137
|
+
.TP
|
138
|
+
\fB\-\-rfi\-script\-lang\fR \fBasp\fR\[or]\fBasp\.net\fR\[or]\fBcoldfusion\fR\[or]\fBjsp\fR\[or]\fBphp\fR\[or]\fBperl\fR
|
139
|
+
Explicitly specify the scripting language to test for\.
|
140
|
+
.TP
|
141
|
+
\fB\-\-rfi\-test\-script\-url\fR \fIURL\fP
|
142
|
+
Use an alternative test script URL\.
|
143
|
+
.TP
|
144
|
+
\fB\-\-sqli\-escape\-quote\fR
|
145
|
+
Escapes quotation marks\.
|
146
|
+
.TP
|
147
|
+
\fB\-\-sqli\-escape\-parens\fR
|
148
|
+
Escapes parenthesis\.
|
149
|
+
.TP
|
150
|
+
\fB\-\-sqli\-terminate\fR
|
151
|
+
Terminates the SQL expression with a \fB\-\-\fR\.
|
152
|
+
.TP
|
153
|
+
\fB\-\-ssti\-test\-expr\fR \[lC]\fIX\fP*\fIY\fP \[or] \fIX\fP\[sl]\fIZ\fP \[or] \fIX\fP\[pl]\fIY\fP \[or] \fIX\fP\-\fIY\fP\[rC]
|
154
|
+
Optional numeric test to use\.
|
155
|
+
.TP
|
156
|
+
\fB\-\-open\-redirect\-url\fR \fIURL\fP
|
157
|
+
Optional test URL to try to redirect to\.
|
158
|
+
.PP
|
159
|
+
\fB\-h\fR, \fB\-\-help\fR
|
160
|
+
Print help information\.
|
161
|
+
.SH ENVIRONMENT
|
162
|
+
.PP
|
163
|
+
\fIHTTP\[ru]PROXY\fP
|
164
|
+
Sets the global HTTP proxy\.
|
165
|
+
.PP
|
166
|
+
\fIRONIN\[ru]HTTP\[ru]PROXY\fP
|
167
|
+
Sets the HTTP proxy for Ronin\.
|
168
|
+
.SH AUTHOR
|
169
|
+
.PP
|
170
|
+
Postmodern
|
171
|
+
.MT postmodern\.mod3\[at]gmail\.com
|
172
|
+
.ME
|
173
|
+
.SH SEE ALSO
|
174
|
+
.PP
|
175
|
+
ronin\-web\-spider(1)
|
@@ -0,0 +1,177 @@
|
|
1
|
+
# ronin-web-spider 1 "2022-01-01" Ronin Web "User Manuals"
|
2
|
+
|
3
|
+
## SYNOPSIS
|
4
|
+
|
5
|
+
`ronin-web spider` [*options*] {`--host` *HOST* \| `--domain` *DOMAIN* \| `--site` *URL*}
|
6
|
+
|
7
|
+
## DESCRIPTION
|
8
|
+
|
9
|
+
Spiders a website and tests every URL for web vulnerabilities.
|
10
|
+
|
11
|
+
## OPTIONS
|
12
|
+
|
13
|
+
`--host` *HOST*
|
14
|
+
Spiders the specific *HOST*.
|
15
|
+
|
16
|
+
`--domain` *DOMAIN*
|
17
|
+
Spiders the whole *DOMAIN*.
|
18
|
+
|
19
|
+
`--site` *URL*
|
20
|
+
Spiders the website, starting at the *URL*.
|
21
|
+
|
22
|
+
`--open-timeout` *SECS*
|
23
|
+
Sets the connection open timeout.
|
24
|
+
|
25
|
+
`--read-timeout` *SECS*
|
26
|
+
Sets the read timeout.
|
27
|
+
|
28
|
+
`--ssl-timeout` *SECS*
|
29
|
+
Sets the SSL connection timeout.
|
30
|
+
|
31
|
+
`--continue-timeout` *SECS*
|
32
|
+
Sets the continue timeout.
|
33
|
+
|
34
|
+
`--keep-alive-timeout` *SECS*
|
35
|
+
Sets the connection keep alive timeout.
|
36
|
+
|
37
|
+
`-P`, `--proxy` *PROXY*
|
38
|
+
Sets the proxy to use.
|
39
|
+
|
40
|
+
`-H`, `--header` "*NAME*: *VALUE*"
|
41
|
+
Sets a default header.
|
42
|
+
|
43
|
+
`--host-header` *NAME*=*VALUE*
|
44
|
+
Sets a default header.
|
45
|
+
|
46
|
+
`-u`, `--user-agent` chrome-linux|chrome-macos|chrome-windows|chrome-iphone|chrome-ipad|chrome-android|firefox-linux|firefox-macos|firefox-windows|firefox-iphone|firefox-ipad|firefox-android|safari-macos|safari-iphone|safari-ipad|edge
|
47
|
+
The `User-Agent` to use.
|
48
|
+
|
49
|
+
`-U`, `--user-agent-string` *STRING*
|
50
|
+
The raw `User-Agent` string to use.
|
51
|
+
|
52
|
+
`-R`, `--referer` *URL*
|
53
|
+
Sets the `Referer` URL.
|
54
|
+
|
55
|
+
`--delay` *SECS*
|
56
|
+
Sets the delay in seconds between each request.
|
57
|
+
|
58
|
+
`-l`, `--limit` *COUNT*
|
59
|
+
Only spiders up to *COUNT* pages.
|
60
|
+
|
61
|
+
`-d`, `--max-depth` *DEPTH*
|
62
|
+
Only spiders up to max depth.
|
63
|
+
|
64
|
+
`--enqueue` *URL*
|
65
|
+
Adds the URL to the queue.
|
66
|
+
|
67
|
+
`--visited` *URL*
|
68
|
+
Marks the URL as previously visited.
|
69
|
+
|
70
|
+
`--strip-fragments`
|
71
|
+
Enables/disables stripping the fragment component of every URL.
|
72
|
+
|
73
|
+
`--strip-query`
|
74
|
+
Enables/disables stripping the query component of every URL.
|
75
|
+
|
76
|
+
`--visit-host` *HOST*
|
77
|
+
Visit URLs with the matching host name.
|
78
|
+
|
79
|
+
`--visit-hosts-like` `/`*REGEX*`/`
|
80
|
+
Visit URLs with hostnames that match the *REGEX*.
|
81
|
+
|
82
|
+
`--ignore-host` *HOST*
|
83
|
+
Ignore the host name.
|
84
|
+
|
85
|
+
`--ignore-hosts-like` `/`*REGEX*`/`
|
86
|
+
Ignore the host names matching the *REGEX*.
|
87
|
+
|
88
|
+
`--visit-port` *PORT*
|
89
|
+
Visit URLs with the matching port number.
|
90
|
+
|
91
|
+
`--visit-ports-like` `/`*REGEX*`/`
|
92
|
+
Visit URLs with port numbers that match the *REGEX*.
|
93
|
+
|
94
|
+
`--ignore-port` *PORT*
|
95
|
+
Ignore the port number.
|
96
|
+
|
97
|
+
`--ignore-ports-like` `/`*REGEX*`/`
|
98
|
+
Ignore the port numbers matching the *REGEXP*.
|
99
|
+
|
100
|
+
`--visit-link` *URL*
|
101
|
+
Visit the *URL*.
|
102
|
+
|
103
|
+
`--visit-links-like` `/`*REGEX*`/`
|
104
|
+
Visit URLs that match the *REGEX*.
|
105
|
+
|
106
|
+
`--ignore-link` *URL*
|
107
|
+
Ignore the *URL*.
|
108
|
+
|
109
|
+
`--ignore-links-like` `/`*REGEX*`/`
|
110
|
+
Ignore URLs matching the *REGEX*.
|
111
|
+
|
112
|
+
`--visit-ext` *FILE_EXT*
|
113
|
+
Visit URLs with the matching file ext.
|
114
|
+
|
115
|
+
`--visit-exts-like` `/`*REGEX*`/`
|
116
|
+
Visit URLs with file exts that match the *REGEX*.
|
117
|
+
|
118
|
+
`--ignore-ext` *FILE_EXT*
|
119
|
+
Ignore the URLs with the file ext.
|
120
|
+
|
121
|
+
`--ignore-exts-like` `/`*REGEX*`/`
|
122
|
+
Ignore URLs with file exts matching the REGEX.
|
123
|
+
|
124
|
+
`-r`, `--robots`
|
125
|
+
Specifies whether to honor `robots.txt`.
|
126
|
+
|
127
|
+
`--lfi-os` `unix`\|`windows`
|
128
|
+
: Sets the OS to test for.
|
129
|
+
|
130
|
+
`--lfi-depth` *NUM*
|
131
|
+
: Sets the directory depth to escape up.
|
132
|
+
|
133
|
+
`--lfi-filter-bypass` `null-byte`\|`double-escape`\|`base64`\|`rot13`\|`zlib`
|
134
|
+
: Sets the filter bypass strategy to use.
|
135
|
+
|
136
|
+
`--rfi-filter-bypass` `double-encode`\|`suffix-escape`\|`null-byte`
|
137
|
+
: Optional filter-bypass strategy to use.
|
138
|
+
|
139
|
+
`--rfi-script-lang` `asp`\|`asp.net`\|`coldfusion`\|`jsp`\|`php`\|`perl`
|
140
|
+
: Explicitly specify the scripting language to test for.
|
141
|
+
|
142
|
+
`--rfi-test-script-url` *URL*
|
143
|
+
: Use an alternative test script URL.
|
144
|
+
|
145
|
+
`--sqli-escape-quote`
|
146
|
+
: Escapes quotation marks.
|
147
|
+
|
148
|
+
`--sqli-escape-parens`
|
149
|
+
: Escapes parenthesis.
|
150
|
+
|
151
|
+
`--sqli-terminate`
|
152
|
+
: Terminates the SQL expression with a `--`.
|
153
|
+
|
154
|
+
`--ssti-test-expr` {*X*\**Y* \| *X*/*Z* \| *X*+*Y* \| *X*-*Y*}
|
155
|
+
: Optional numeric test to use.
|
156
|
+
|
157
|
+
`--open-redirect-url` *URL*
|
158
|
+
: Optional test URL to try to redirect to.
|
159
|
+
|
160
|
+
`-h`, `--help`
|
161
|
+
Print help information.
|
162
|
+
|
163
|
+
## ENVIRONMENT
|
164
|
+
|
165
|
+
*HTTP_PROXY*
|
166
|
+
Sets the global HTTP proxy.
|
167
|
+
|
168
|
+
*RONIN_HTTP_PROXY*
|
169
|
+
Sets the HTTP proxy for Ronin.
|
170
|
+
|
171
|
+
## AUTHOR
|
172
|
+
|
173
|
+
Postmodern <postmodern.mod3@gmail.com>
|
174
|
+
|
175
|
+
## SEE ALSO
|
176
|
+
|
177
|
+
ronin-web-spider(1)
|
@@ -0,0 +1,258 @@
|
|
1
|
+
.\" Generated by kramdown-man 1.0.1
|
2
|
+
.\" https://github.com/postmodern/kramdown-man#readme
|
3
|
+
.TH ronin-web-spider 1 "2022-01-01" Ronin Web "User Manuals"
|
4
|
+
.SH NAME
|
5
|
+
.PP
|
6
|
+
ronin\-web\-wordlist \- Builds a wordlist by spidering a website
|
7
|
+
.SH SYNOPSIS
|
8
|
+
.PP
|
9
|
+
\fBronin\-web wordlist\fR \[lB]\fIoptions\fP\[rB] \[lC]\fB\-\-host\fR \fIHOST\fP \[or] \fB\-\-domain\fR \fIDOMAIN\fP \[or] \fB\-\-site\fR \fIURL\fP\[rC]
|
10
|
+
.SH DESCRIPTION
|
11
|
+
.PP
|
12
|
+
Builds a wordlist by spidering a website\.
|
13
|
+
.SH OPTIONS
|
14
|
+
.TP
|
15
|
+
\fB\-o\fR, \fB\-\-output\fR \fIPATH\fP
|
16
|
+
The wordlist file to write to\.
|
17
|
+
.TP
|
18
|
+
\fB\-X\fR, \fB\-\-content\-xpath\fR \fIXPATH\fP
|
19
|
+
The XPath expression for where the content exists in each HTML page\.
|
20
|
+
.TP
|
21
|
+
\fB\-C\fR, \fB\-\-content\-css\-path\fR \fICSS\-path\fP
|
22
|
+
The CSS\-path expression for where the content exists in each HTML page\.
|
23
|
+
.TP
|
24
|
+
\fB\-\-meta\-tags\fR
|
25
|
+
Parses \fBkeywords\fR and \fBdescription\fR \fB<meta>\fR tags while spidering HTML pages\.
|
26
|
+
This is enabled by default\.
|
27
|
+
.TP
|
28
|
+
\fB\-\-no\-meta\-tags\fR
|
29
|
+
Ignore \fB<meta>\fR tags while spidering HTML pages\.
|
30
|
+
.TP
|
31
|
+
\fB\-\-comments\fR
|
32
|
+
Parses HTML comments while spidering HTML pages\.
|
33
|
+
This is enabled by default\.
|
34
|
+
.TP
|
35
|
+
\fB\-\-no\-comments\fR
|
36
|
+
Ignores HTML comments while spidering HTML pages\.
|
37
|
+
.TP
|
38
|
+
\fB\-\-alt\-tags\fR
|
39
|
+
Parses \fBalt\[eq]\fR attribute tags on \fB<img>\fR, \fB<area>\fR, and \fB<input>\fR\.
|
40
|
+
.TP
|
41
|
+
\fB\-\-no\-alt\-tags\fR
|
42
|
+
Ignore \fBalt\[eq]\fR attribute tags while spidering HTML pages\.
|
43
|
+
.TP
|
44
|
+
\fB\-\-paths\fR
|
45
|
+
Parses the directory names from all spidered URLs\.
|
46
|
+
.TP
|
47
|
+
\fB\-\-query\-param\-names\fR
|
48
|
+
Parses the query param names from all spidered URLs\.
|
49
|
+
.TP
|
50
|
+
\fB\-\-query\-param\-values\fR
|
51
|
+
Parses the query param values from all spidered URLs\.
|
52
|
+
.TP
|
53
|
+
\fB\-\-only\-paths\fR
|
54
|
+
Only parse the directory names from all spidered URLs\.
|
55
|
+
.TP
|
56
|
+
\fB\-\-only\-query\-param\-names\fR
|
57
|
+
Only parse the query param names from all spidered URLs\.
|
58
|
+
.TP
|
59
|
+
\fB\-\-query\-param\-values\fR
|
60
|
+
Only parse the query param values from all spidered URLs\.
|
61
|
+
.TP
|
62
|
+
\fB\-f\fR, \fB\-\-format\fR \fBtxt\fR\[or]\fBgz\fR\[or]\fBbzip2\fR\[or]\fBxz\fR
|
63
|
+
Specifies the format of the wordlist file that will be created\.
|
64
|
+
.TP
|
65
|
+
\fB\-A\fR, \fB\-\-append\fR
|
66
|
+
Append new words to an existing wordlist file instead of overwriting the file\.
|
67
|
+
.SS TEXT PARSING OPTIONS
|
68
|
+
.TP
|
69
|
+
\fB\-L\fR, \fB\-\-lang\fR \fILANG\fP
|
70
|
+
The language of the text to parse\. Defaults to the current language set by the
|
71
|
+
\fBLANG\fR environment variable\.
|
72
|
+
.TP
|
73
|
+
\fB\-\-stop\-word\fR \fIWORD\fP
|
74
|
+
Defines a custom \[lq]stop word\[rq] (ex: \[lq]the\[rq], \[lq]is\[rq], \[lq]a\[rq]) to be ignored\.
|
75
|
+
If not specified, a default list of \[lq]stop words\[rq] will be selected based on
|
76
|
+
either \fB\-\-lang\fR or the current language set by the \fBLANG\fR environment
|
77
|
+
variable\.
|
78
|
+
.TP
|
79
|
+
\fB\-\-ignore\-word\fR \fIWORD\fP
|
80
|
+
Adds the word to the list of words to ignore while parsing text\.
|
81
|
+
.TP
|
82
|
+
\fB\-\-digits\fR
|
83
|
+
Accepts words contining digits (0\-9) while parsing text\. This is the default
|
84
|
+
behavior\.
|
85
|
+
.TP
|
86
|
+
\fB\-\-no\-digits\fR
|
87
|
+
Ignores words containing digits (0\-9) while parsing text\.
|
88
|
+
.TP
|
89
|
+
\fB\-\-special\-char\fR \fICHAR\fP
|
90
|
+
Allows a specific special character to exist within words\. If not specified,
|
91
|
+
only the characters \fB\[ru]\fR, \fB\-\fR, \fB\(aq\fR are allowed by default\.
|
92
|
+
.TP
|
93
|
+
\fB\-\-numbers\fR
|
94
|
+
Accepts whole numbers as words while parsing text\.
|
95
|
+
.TP
|
96
|
+
\fB\-\-no\-numbers\fR
|
97
|
+
Ignores whole numbers while parsing text\. This is the default behavior\.
|
98
|
+
.TP
|
99
|
+
\fB\-\-acronyms\fR
|
100
|
+
Treat acronyms (ex: \fBA\.B\.C\.\fR) as words while parsing text\.
|
101
|
+
This is the default behavior\.
|
102
|
+
.TP
|
103
|
+
\fB\-\-no\-acronyms\fR
|
104
|
+
Ignores acronyms (ex: \fBA\.B\.C\.\fR) while parsing text\.
|
105
|
+
.TP
|
106
|
+
\fB\-\-normalize\-case\fR
|
107
|
+
Converts all words to lowercase while parsing text\.
|
108
|
+
.TP
|
109
|
+
\fB\-\-no\-normalize\-case\fR
|
110
|
+
Preserves the case of words letters while parsing text\. This is the default
|
111
|
+
behavior\. This is the default behavior\.
|
112
|
+
.TP
|
113
|
+
\fB\-\-normalize\-apostrophes\fR
|
114
|
+
Removes apostrophes from words (ex: \fBIt\(aqs\fR \-> \fBIts\fR) while parsing text\.
|
115
|
+
.TP
|
116
|
+
\fB\-\-no\-normalize\-apostrophes\fR
|
117
|
+
Preserves apostrophes in words (ex: \fBIt\(aqs\fR)\. This is the default behavior\.
|
118
|
+
This is the default behavior\.
|
119
|
+
.TP
|
120
|
+
\fB\-\-normalize\-acronyms\fR
|
121
|
+
Removes the periods from acronyms (ex: \fBA\.B\.C\.\fR \-> \fBABC\fR) while parsing text\.
|
122
|
+
.TP
|
123
|
+
\fB\-\-no\-normalize\-acronyms\fR
|
124
|
+
Preserves the periods in acronyms (ex: \fBA\.B\.C\.\fR) while parsing text\.
|
125
|
+
This is the default behavior\.
|
126
|
+
.TP
|
127
|
+
\fB\-h\fR, \fB\-\-help\fR
|
128
|
+
Print help information\.
|
129
|
+
.SS SPIDER OPTIONS
|
130
|
+
.TP
|
131
|
+
\fB\-\-open\-timeout\fR \fISECS\fP
|
132
|
+
Sets the connection open timeout\.
|
133
|
+
.TP
|
134
|
+
\fB\-\-read\-timeout\fR \fISECS\fP
|
135
|
+
Sets the read timeout\.
|
136
|
+
.TP
|
137
|
+
\fB\-\-ssl\-timeout\fR \fISECS\fP
|
138
|
+
Sets the SSL connection timeout\.
|
139
|
+
.TP
|
140
|
+
\fB\-\-continue\-timeout\fR \fISECS\fP
|
141
|
+
Sets the continue timeout\.
|
142
|
+
.TP
|
143
|
+
\fB\-\-keep\-alive\-timeout\fR \fISECS\fP
|
144
|
+
Sets the connection keep alive timeout\.
|
145
|
+
.TP
|
146
|
+
\fB\-P\fR, \fB\-\-proxy\fR \fIPROXY\fP
|
147
|
+
Sets the proxy to use\.
|
148
|
+
.TP
|
149
|
+
\fB\-H\fR, \fB\-\-header\fR \[lq]\fINAME\fP\fB:\fR \fIVALUE\fP\[rq]
|
150
|
+
Sets a default header\.
|
151
|
+
.TP
|
152
|
+
\fB\-\-host\-header\fR \fINAME\fP\[eq]\fIVALUE\fP
|
153
|
+
Sets a default header\.
|
154
|
+
.TP
|
155
|
+
\fB\-u\fR, \fB\-\-user\-agent\fR \fBchrome\-linux\fR\[or]\fBchrome\-macos\fR\[or]\fBchrome\-windows\fR\[or]\fBchrome\-iphone\fR\[or]\fBchrome\-ipad\fR\[or]\fBchrome\-android\fR\[or]\fBfirefox\-linux\fR\[or]\fBfirefox\-macos\fR\[or]\fBfirefox\-windows\fR\[or]\fBfirefox\-iphone\fR\[or]\fBfirefox\-ipad\fR\[or]\fBfirefox\-android\fR\[or]\fBsafari\-macos\fR\[or]\fBsafari\-iphone\fR\[or]\fBsafari\-ipad\fR\[or]\fBedge\fR
|
156
|
+
The \fBUser\-Agent\fR to use\.
|
157
|
+
.TP
|
158
|
+
\fB\-U\fR, \fB\-\-user\-agent\-string\fR \fISTRING\fP
|
159
|
+
The raw \fBUser\-Agent\fR string to use\.
|
160
|
+
.TP
|
161
|
+
\fB\-R\fR, \fB\-\-referer\fR \fIURL\fP
|
162
|
+
Sets the \fBReferer\fR URL\.
|
163
|
+
.TP
|
164
|
+
\fB\-\-delay\fR \fISECS\fP
|
165
|
+
Sets the delay in seconds between each request\.
|
166
|
+
.TP
|
167
|
+
\fB\-l\fR, \fB\-\-limit\fR \fICOUNT\fP
|
168
|
+
Only spiders up to \fICOUNT\fP pages\.
|
169
|
+
.TP
|
170
|
+
\fB\-d\fR, \fB\-\-max\-depth\fR \fIDEPTH\fP
|
171
|
+
Only spiders up to max depth\.
|
172
|
+
.TP
|
173
|
+
\fB\-\-enqueue\fR \fIURL\fP
|
174
|
+
Adds the URL to the queue\.
|
175
|
+
.TP
|
176
|
+
\fB\-\-visited\fR \fIURL\fP
|
177
|
+
Marks the URL as previously visited\.
|
178
|
+
.TP
|
179
|
+
\fB\-\-strip\-fragments\fR
|
180
|
+
Enables\[sl]disables stripping the fragment component of every URL\.
|
181
|
+
.TP
|
182
|
+
\fB\-\-strip\-query\fR
|
183
|
+
Enables\[sl]disables stripping the query component of every URL\.
|
184
|
+
.TP
|
185
|
+
\fB\-\-visit\-host\fR \fIHOST\fP
|
186
|
+
Visit URLs with the matching host name\.
|
187
|
+
.TP
|
188
|
+
\fB\-\-visit\-hosts\-like\fR \fB\[sl]\fR\fIREGEX\fP\fB\[sl]\fR
|
189
|
+
Visit URLs with hostnames that match the \fIREGEX\fP\.
|
190
|
+
.TP
|
191
|
+
\fB\-\-ignore\-host\fR \fIHOST\fP
|
192
|
+
Ignore the host name\.
|
193
|
+
.TP
|
194
|
+
\fB\-\-ignore\-hosts\-like\fR \fB\[sl]\fR\fIREGEX\fP\fB\[sl]\fR
|
195
|
+
Ignore the host names matching the \fIREGEX\fP\.
|
196
|
+
.TP
|
197
|
+
\fB\-\-visit\-port\fR \fIPORT\fP
|
198
|
+
Visit URLs with the matching port number\.
|
199
|
+
.TP
|
200
|
+
\fB\-\-visit\-ports\-like\fR \fB\[sl]\fR\fIREGEX\fP\fB\[sl]\fR
|
201
|
+
Visit URLs with port numbers that match the \fIREGEX\fP\.
|
202
|
+
.TP
|
203
|
+
\fB\-\-ignore\-port\fR \fIPORT\fP
|
204
|
+
Ignore the port number\.
|
205
|
+
.TP
|
206
|
+
\fB\-\-ignore\-ports\-like\fR \fB\[sl]\fR\fIREGEX\fP\fB\[sl]\fR
|
207
|
+
Ignore the port numbers matching the \fIREGEXP\fP\.
|
208
|
+
.TP
|
209
|
+
\fB\-\-visit\-link\fR \fIURL\fP
|
210
|
+
Visit the \fIURL\fP\.
|
211
|
+
.TP
|
212
|
+
\fB\-\-visit\-links\-like\fR \fB\[sl]\fR\fIREGEX\fP\fB\[sl]\fR
|
213
|
+
Visit URLs that match the \fIREGEX\fP\.
|
214
|
+
.TP
|
215
|
+
\fB\-\-ignore\-link\fR \fIURL\fP
|
216
|
+
Ignore the \fIURL\fP\.
|
217
|
+
.TP
|
218
|
+
\fB\-\-ignore\-links\-like\fR \fB\[sl]\fR\fIREGEX\fP\fB\[sl]\fR
|
219
|
+
Ignore URLs matching the \fIREGEX\fP\.
|
220
|
+
.TP
|
221
|
+
\fB\-\-visit\-ext\fR \fIFILE\[ru]EXT\fP
|
222
|
+
Visit URLs with the matching file ext\.
|
223
|
+
.TP
|
224
|
+
\fB\-\-visit\-exts\-like\fR \fB\[sl]\fR\fIREGEX\fP\fB\[sl]\fR
|
225
|
+
Visit URLs with file exts that match the \fIREGEX\fP\.
|
226
|
+
.TP
|
227
|
+
\fB\-\-ignore\-ext\fR \fIFILE\[ru]EXT\fP
|
228
|
+
Ignore the URLs with the file ext\.
|
229
|
+
.TP
|
230
|
+
\fB\-\-ignore\-exts\-like\fR \fB\[sl]\fR\fIREGEX\fP\fB\[sl]\fR
|
231
|
+
Ignore URLs with file exts matching the REGEX\.
|
232
|
+
.TP
|
233
|
+
\fB\-r\fR, \fB\-\-robots\fR
|
234
|
+
Specifies whether to honor \fBrobots\.txt\fR\.
|
235
|
+
.TP
|
236
|
+
\fB\-\-host\fR \fIHOST\fP
|
237
|
+
Spiders the specific \fIHOST\fP\.
|
238
|
+
.TP
|
239
|
+
\fB\-\-domain\fR \fIDOMAIN\fP
|
240
|
+
Spiders the whole \fIDOMAIN\fP\.
|
241
|
+
.TP
|
242
|
+
\fB\-\-site\fR \fIURL\fP
|
243
|
+
Spiders the website, starting at the \fIURL\fP\.
|
244
|
+
.SH ENVIRONMENT
|
245
|
+
.TP
|
246
|
+
\fIHTTP\[ru]PROXY\fP
|
247
|
+
Sets the global HTTP proxy\.
|
248
|
+
.TP
|
249
|
+
\fIRONIN\[ru]HTTP\[ru]PROXY\fP
|
250
|
+
Sets the HTTP proxy for Ronin\.
|
251
|
+
.SH AUTHOR
|
252
|
+
.PP
|
253
|
+
Postmodern
|
254
|
+
.MT postmodern\.mod3\[at]gmail\.com
|
255
|
+
.ME
|
256
|
+
.SH SEE ALSO
|
257
|
+
.PP
|
258
|
+
.BR ronin\-web\-spider (1)
|