Required Gems

I'd like to list all external gems that might be used in this book. This list will be updated once a new gem is required.

Note that you don't need to install them all unless you specifically need them.

Main Gems

  • Pry - An IRB alternative and runtime developer console.

  • pry-doc - Pry Doc is a Pry REPL plugin. Extending documentation support for the REPL by improving the show-doc & show-source commands.

  • pry-byebug - Combine 'pry' with 'byebug'. Adds 'step', 'next', 'finish', 'continue' and 'break' commands to control execution.

    gem install pry
    gem install pry-doc
    gem install pry-byebug

    To run pry with best appearance

    pry --simple-prompt

Note: Most of our examples will be executed on pry so please consider it as main part of our environment. Otherwise, when you see #!/usr/bin/env ruby, it means a file script to execute.

Module Gems

Due the demand of wrapping all required gems into one gem, we've created hacker-gems which installs all the below gems at one time.

gem install hacker-gems

You might need to install some packages beforehand to avoid any errors of missing libraries.

sudo apt-get install build-essential libreadline-dev libssl-dev libpq5 libpq-dev libreadline5 libsqlite3-dev libpcap-dev git-core autoconf postgresql pgadmin3 curl zlib1g-dev libxml2-dev libxslt1-dev vncviewer libyaml-dev curl nmap

Module 0x1 | Basic Ruby Kung Fu

  • colorize - Extends String class or add a ColorizedString with methods to set text color, background.

Module 0x2 | System Kung Fu

  • virustotal - A script for automating queries.

  • uirusu - A tool and REST library for interacting with

  • clipboard - Lets you access the clipboard on Linux, MacOS, Windows, and Cygwin.

Extra gems

Useful gems to build command line applications

  • tty-prompt - A beautiful and powerful interactive command line prompt.

  • Thor - Create a command-suite app simply and easily, as well as Rails generators.

  • GLI - Create awesome, polished command suites without a lot of code.

  • Slop - Create simple command-line apps with a syntax similar to trollop.

  • Highline - handle user input and output via a “Q&A” style API, including type conversions and validation.

  • Escort - A library that makes building command-line apps in ruby so easy, you’ll feel like an expert is guiding you through it.

  • commander - The complete solution for Ruby command-line executables.

Module 0x3 | Network Kung Fu

  • geoip - searches a GeoIP database host or IP address, returns the country, city, ISP and location.

  • net-ping - A ping interface. Includes TCP, HTTP, LDAP, ICMP, UDP, WMI (for Windows).

  • ruby-nmap - A Ruby interface to Nmap, the exploration tool and security / port scanner.

  • ronin-scanners - A library for Ronin that provides Ruby interfaces to various third-party security scanners.

  • net-dns - A pure Ruby DNS library, with a clean OO interface and an extensible API.

  • snmp - A Ruby implementation of SNMP (the Simple Network Management Protocol).

  • net-ssh - A pure-Ruby implementation of the SSH2 client protocol.

  • net-scp - A pure Ruby implementation of the SCP client protocol.

  • ftpd - A pure Ruby FTP server library. It supports implicit and explicit TLS, IPV6, passive and active mode.

  • packetfu - A mid-level packet manipulation library for Ruby.

  • packetgen - Ruby library to easily generate and capture network packets.

Module 0x4 | Web Kung Fu

  • net-http-digest_auth - An implementation of RFC 2617 - Digest Access Authentication.

  • ruby-ntlm - NTLM implementation for Ruby.

  • activerecord - Databases on Rails. Build a persistent domain model by mapping database tables to Ruby.

  • tiny_tds - TinyTDS - A modern, simple and fast FreeTDS library for Ruby using DB-Library.

  • activerecord-sqlserver-adapter.

  • activerecord-oracle_enhanced-adapter.

  • buby - a mashup of JRuby with the popular commercial web security testing tool Burp Suite from PortSwigger.

  • wasabi - A simple WSDL parser.

  • savon - Heavy metal SOAP client.

  • httpclient - gives something like the functionality of libwww-perl (LWP) in Ruby.

  • nokogiri - An HTML, XML, SAX, and Reader parser.

  • twitter - A Ruby interface to the Twitter API.

  • selenium-webdriver - A tool for writing automated tests of websites. It aims to mimic the behaviour of a real user.

  • watir-webdriver - WebDriver-backed Watir.

  • coffee-script - Ruby CoffeeScript is a bridge to the JS CoffeeScript compiler.

  • opal - Ruby runtime and core library for JavaScript.

Extra gems Useful gems to deal with web:

  • Mechanize - a ruby library that makes automated web interaction easy.

  • HTTP.rb - Fast, Elegant HTTP client for ruby.

  • RestClient - A class and executable for interacting with RESTful web services.

  • httparty - Makes http fun! Also, makes consuming restful web services dead easy.

  • websocket - Universal Ruby library to handle WebSocket protocol.

Module 0x5 | Exploitation Kung Fu

  • metasm - A cross-architecture assembler, disassembler, linker, and debugger.

Module 0x6 | Forensic Kung Fu

  • metasm - A cross-architecture assembler, disassembler, linker, and debugger.

Last updated