5

I'm wondering if there is a place where I can find up-to-date information regarding ethical hacking with Ruby. I do find lot of Python information, which is OK, but I have 4 years of experience coding Ruby for DevOps/Sysadmin/networking related scripts.

I'd like to learn more of Information Security, and will rather code my own penetration test tools using a language I'm more familiar with.

If there's no other option I can dig into Python, but before I make that call I'd like to hear from others that use Ruby to create their own pen-test tools.

EDIT: there is a subreddit for infosec ruby at: http://www.reddit.com/r/ruby_infosec/

cfernandezlinux
  • 281
  • 4
  • 15

2 Answers2

7

I'm a Python programmer myself, in my opinion there isn't any limitation to Ruby compared to Python when it comes to coding your pentesting tools. So if you are familiar with Ruby, go for Ruby. It can be handy to understand other programming/scripting languages to analyze an exploit. From this perspective I'd encourage you to try and port exploits from Python to Ruby. Apart from the more low level stuff in Python (stuff which requires ctypes might take a bit more time to understand) you can generally just look at the protocol spec or Python code to find out how it works.

Metasploit was completely written in Ruby, have a look at the framework as you will most likely use it a lot. If you want to code your own pentesting tools then just port Python scripts to Ruby or take the concepts from the tool's description..

One of the more interesting tools you have in Python is scapy. It was the pioneering library for packet crafting. For Ruby you have Scruby(not actively developed anymore) and the more recent and maintained PacketFu.

To automate nmap scanning you can use ruby-nmap which is an interface to nmap.

Lucas Kauffman
  • 54,169
  • 17
  • 112
  • 196
0

Ruby just isn't that popular for security. Python is the preferred language. As Lucas says, Metasploit was written in Ruby for the expressed reason to make mix-ins easier to incorporate. Almost everything else is Python.

If you want further proof, you can look at the Kali distro and see that almost everything scripted is in Python.

schroeder
  • 123,438
  • 55
  • 284
  • 319