Ryo

Ryo is a yet another website recon tool powered by Ruby.

Note: I'm working on this just because for fun and study purposes.

Concept

• JSON all the way.
  • No pretty output / report, just a JSON.

Features & ToDo list

• [x] Directory & File brute force
• [x] Subdomain discovery
  • By using DNSDumpster and FindSubdomains
• [x] Website's technology detection
  • By using SimpleWhatWeb
• [x] Whois
  • By using DomainBigData
• [x] Threading support
• [ ] Port scanning

Installation

$ gem install ryo

Usage

$ ryo
Commands:
  ryo all URL         # Run all discovery plugins against a given URL
  ryo dir URL         # Discover directories and files belong to a given URL
  ryo help [COMMAND]  # Describe available commands or one specific command
  ryo subdomain URL   # Discover subdomains of a given URL
  ryo tech URL        # Discover used technolgies of a given URL
  ryo whois URL       # Discover whois information of a given URL

# start Webrick HTTP server
# $ ruby -rwebrick -e 'WEBrick::HTTPServer.new(:DocumentRoot => "./", :Port => 8000).start'
$ ryo all http://localhost:8000 | jq .
{
  "dir": [
    "http://localhost:8000/.git/",
    "http://localhost:8000/.git/branches/",
    "http://localhost:8000/.git/COMMIT_EDITMSG",
    "http://localhost:8000/.git/config",
    "http://localhost:8000/.git/description",
    "http://localhost:8000/.git/FETCH_HEAD",
    "http://localhost:8000/.git/HEAD",
    "http://localhost:8000/.git/hooks/",
    "http://localhost:8000/.git/index",
    "http://localhost:8000/.git/info/",
    "http://localhost:8000/.git/info/exclude",
    "http://localhost:8000/.git/logs/",
    "http://localhost:8000/.git/logs/HEAD",
    "http://localhost:8000/.git/logs/refs/heads/master",
    "http://localhost:8000/.git/logs/refs/remotes/origin/HEAD",
    "http://localhost:8000/.git/objects/",
    "http://localhost:8000/.git/packed-refs",
    "http://localhost:8000/.git/refs/",
    "http://localhost:8000/.git/refs/heads/master",
    "http://localhost:8000/.git/refs/remotes/origin/HEAD",
    "http://localhost:8000/.gitignore",
    "http://localhost:8000/.gitignore/",
    "http://localhost:8000/.travis.yml",
    "http://localhost:8000/Bin/",
    "http://localhost:8000/bin/",
    "http://localhost:8000/Gemfile",
    "http://localhost:8000/Gemfile.lock",
    "http://localhost:8000/LICENSE",
    "http://localhost:8000/Rakefile",
    "http://localhost:8000/README.md",
    "http://localhost:8000/readme.md"
  ],
  "subdomain": [],
  "tech": {
    "HTTPServer": [
      {
        "name": "server string",
        "string": "WEBrick/1.4.2 (Ruby/2.5.1/2018-03-29)",
        "certainty": 100
      }
    ],
    "Ruby": [
      {
        "regexp": [
          "Ruby"
        ],
        "search": "headers[server]",
        "certainty": 100
      },
      {
        "regexp": [
          "WEBrick"
        ],
        "search": "headers[server]",
        "certainty": 100
      }
    ],
    "Title": [
      {
        "name": "page title",
        "string": "Index of /",
        "certainty": 100
      }
    ]
  },
  "whois": {
    "globa_stats": {},
    "registrant": {}
  }
}

License

The gem is available as open source under the terms of the MIT License.