RUBY FOR PENTESTERS
by Roman Rott

RUBY FOR
PENTESTERS
PENTESTING
FOR RUBYISTS
VS

RUBY HAS ABILITIES AND TRICKS FOR DEALING WITH ALL STRINGS SCENARIOS
➤ Convert String/Binary to Hex;
➤ Convert Hex to String/Binary;
➤ Encode/Decode String;
➤ Regular Expressions;
➤ String extraction;
➤ Parsing HTML, XML, JSON, etc;
➤ Cryptography libs, MD5, SHA1,2
hash. Generating MySQL/
PostgreSQL, Windows Password
Hashes, etc

TOOLS
http://ronin-ruby.github.io/
Ronin
Ronin is a Ruby platform for
vulnerability research and
exploit development.
Ronin allows for the rapid
development and distribution
of code, Exploits, Payloads,
Scanners, etc, via Repositories.

TOOLS
https://wpscan.org/
WPScan
WordPress vulnerability
scanner.

TOOLS
https://www.morningstarsecurity.com/research/whatweb
WhatWeb
Recognizes web technologies
including CMS,
blogging platforms,
statistic/analytics packages,
JavaScript libraries,
web servers, etc

TOOLS
https://github.com/rubysec/bundler-audit
bundle-audit
Patch-level verification for
Bundler

TOOLS
https://github.com/presidentbeef/brakeman
brakeman
Static analysis tool which
checks Ruby on Rails
applications for security
vulnerabilities.

FRAMEWORKS
http://www.arachni-scanner.com/
Arachni
Ruby framework aimed towards helping
penetration testers and administrators
evaluate the security of modern
web applications.

FRAMEWORKS
BeEF
http://beefproject.com/
The Browser Exploitation
Framework.
It is a penetration testing tool
that focuses on the web browser.

FRAMEWORKS
Metasploit

HELPERS
https://github.com/iridakos/duckrails
DuckRails
Allows to quickly mock API endpoints,
Setting response headers,
Setting some advanced configuration (delays,
dynamic headers, content type & status), etc.

HELPERS
➤ Oga - XML/HTML parser - https://github.com/YorickPeterse/oga
➤ html-pipeline - GitHub HTML processing filters and utilities. This module includes a
small framework for defining DOM based content filters and applying them to user
provided content. - https://github.com/jch/html-pipeline
➤ Happymapper allows you to parse XML data and convert it quickly and easily into
ruby data structures. - https://github.com/dam5s/happymapper
➤ nokogiri - is a Rubygem providing HTML, XML, SAX, and Reader parsers with
XPath and CSS selector support. - https://github.com/sparklemotion/nokogiri

BROWSER MANIPULATION
Selenium
Watir
webdrivers

AUTOMATIZATION
https://github.com/sophsec/ruby-nmap
ruby-nmap

AUTOMATIZATION
➤ net-ping gem
➤ ruby-nmap gem
➤ etc.

AUTOMATIZATION
Puppet
https://puppet.com/
Chef
Vagrant
https://www.chef.io/chef/
https://www.vagrantup.com/
Docker
https://www.docker.com/
+

COMMAND EXECUTION
➤ Kernel#` (back-ticks)
➤ Kernel#exec
➤ Kernel#system
➤ IO#popen
➤ Process#spawn
➤ %x"", %x[], %x{}, %x$’'$
➤ Rake#sh

PACKAGING
➤ One-Click Ruby
Application(OCRA) Builder
➤ Traveling-ruby
➤ RubyEncoder

EXTEND BURP SUITE USING JRUBY
Jruby
JRuby is a fully threaded
Java implementation of the Ruby

The end.