I would like to know whether there are any free tools available which can be used to test for security vulnerabilities in a Rails app. I came across skipfish, which I found was not very intuitive in its report. Are there any similar tools available?
Update
I've found a tool, ZAP, which can be used for doing penetration testing for any web application. You can easily automate it by integrating it with testing tools such as Selenium. This looks really cool, has many features, and is easy to use too.
Leena
Rails Best Practices, already mentioned, is very good for general code quality checks, but specifically for security vulnerability checks, definitely have a look at Brakeman, "an open source vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development".
You could also hook your app into Rails Brakeman to have the Brakeman security report run every time you do a commit at GitHub.
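For running the report on every commit, a hook or CI step has to decide from the report whether the commit passes. The following is an added example, not code from the answer or from the Brakeman project: it gates on a report written with `brakeman -f json`, the names `blocking_warnings` and `gate_status` are hypothetical, and the sample report is constructed.

```ruby
require "json"

# Constructed sample in the shape of a Brakeman JSON report; only the
# fields used below are included and every value is made up.
SAMPLE_REPORT = <<~REPORT
  {
    "warnings": [
      {"warning_type": "Mass Assignment", "file": "app/controllers/posts_controller.rb",
       "line": 30, "message": "Parameters should be whitelisted", "confidence": "Weak"},
      {"warning_type": "SQL Injection", "file": "app/models/user.rb",
       "line": 12, "message": "Possible SQL injection", "confidence": "High"},
      {"warning_type": "Cross-Site Scripting", "file": "app/views/posts/show.html.erb",
       "line": 4, "message": "Unescaped model attribute", "confidence": "Medium"}
    ],
    "errors": []
  }
REPORT

CONFIDENCE_RANK = { "Weak" => 0, "Medium" => 1, "High" => 2 }.freeze

# An unrecognised confidence label is ranked as High so the gate fails closed.
def rank(warning)
  CONFIDENCE_RANK.fetch(warning["confidence"], 2)
end

# Warnings at or above min_confidence, highest confidence first.
def blocking_warnings(report_json, min_confidence: "Medium")
  threshold = CONFIDENCE_RANK.fetch(min_confidence)
  JSON.parse(report_json).fetch("warnings", [])
      .select { |w| rank(w) >= threshold }
      .sort_by { |w| -rank(w) }
end

# Exit status for a hook or CI step: 2 when the scan reported errors (an
# incomplete scan must not pass silently), 1 on blocking warnings, else 0.
def gate_status(report_json, min_confidence: "Medium")
  return 2 unless JSON.parse(report_json).fetch("errors", []).empty?
  blocking_warnings(report_json, min_confidence: min_confidence).empty? ? 0 : 1
end

blocking_warnings(SAMPLE_REPORT).each do |w|
  puts "#{w['confidence']}: #{w['warning_type']} at #{w['file']}:#{w['line']} - #{w['message']}"
end
puts "gate status: #{gate_status(SAMPLE_REPORT)}"
```

In a real hook, read the report file instead of `SAMPLE_REPORT` and finish with `exit gate_status(json)`.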