Brakeman

Brakeman is a static analysis tool which checks Ruby on Rails applications for security vulnerabilities.

Installation

Using RubyGems:

gem install brakeman

Using Bundler:

group :development do
  gem 'brakeman'
end

Using Docker:

docker pull presidentbeef/brakeman

Using Docker to build from source:

git clone https://github.com/presidentbeef/brakeman.git
cd brakeman
docker build . -t brakeman

Usage

Running locally

From a Rails application's root directory:

brakeman

Outside of Rails root:

brakeman /path/to/rails/application

Running with Docker

From a Rails application's root directory:

docker run -v "$(pwd)":/code presidentbeef/brakeman

With a little nicer color:

docker run -v "$(pwd)":/code presidentbeef/brakeman --color

For an HTML report:

docker run -v "$(pwd)":/code presidentbeef/brakeman -o brakeman_results.html

Outside of Rails root (note that the output file is relative to path/to/rails/application):

docker run -v 'path/to/rails/application':/code presidentbeef/brakeman -o brakeman_results.html

Compatibility

Brakeman should work with any version of Rails from 2.3.x to 6.x.

Brakeman can analyze code written with Ruby 1.8 syntax and newer, but requires at least Ruby 2.4.0 to run.

Basic Options

For a full list of options, use brakeman --help or see the OPTIONS.md file.

To specify an output file for the results:

brakeman -o output_file

The output format is determined by the file extension or by using the -f option. Current options are: text, html, tabs, json, junit, markdown, csv, codeclimate, and sonar.

Multiple output files can be specified:

brakeman -o output.html -o output.json

To output to both a file and to the console, with color:

brakeman --color -o /dev/stdout -o output.json

To suppress informational warnings and just output the report:

brakeman -q

Note that all Brakeman output except reports is sent to stderr, making it simple to redirect stdout to a file and get just the report.

To see all kinds of debugging information:

brakeman -d

Specific checks can be skipped, if desired. The name needs to be the correct case. For example, to skip looking for default routes (DefaultRoutes):

brakeman -x DefaultRoutes

Multiple checks should be separated by a comma:

brakeman -x DefaultRoutes,Redirect

To do the opposite and only run a certain set of tests:

brakeman -t SQL,ValidationRegex

If Brakeman is running a bit slowly, try

brakeman --faster

This will disable some features, but will probably be much faster (currently it is the same as --skip-libs --no-branching). WARNING: This may cause Brakeman to miss some vulnerabilities.

By default, Brakeman will return a non-zero exit code if any security warnings are found or scanning errors are encountered. To disable this:

brakeman --no-exit-on-warn --no-exit-on-error

To skip certain files or directories that Brakeman may have trouble parsing, use:

brakeman --skip-files file1,/path1/,path2/

To compare results of a scan with a previous scan, use the JSON output option and then:

brakeman --compare old_report.json

This will output JSON with two lists: one of fixed warnings and one of new warnings.

Brakeman will ignore warnings if configured to do so. By default, it looks for a configuration file in config/brakeman.ignore. To create and manage this file, use:

brakeman -I

Warning information

See warning_types for more information on the warnings reported by this tool.

Warning context

The HTML output format provides an excerpt from the original application source where a warning was triggered. Due to the processing done while looking for vulnerabilities, the source may not resemble the reported warning and reported line numbers may be slightly off. However, the context still provides a quick look into the code which raised the warning.

Confidence levels

Brakeman assigns a confidence level to each warning. This provides a rough estimate of how certain the tool is that a given warning is actually a problem. Naturally, these ratings should not be taken as absolute truth.

There are three levels of confidence:

  • High - Either this is a simple warning (boolean value) or user input is very likely being used in unsafe ways.
  • Medium - This generally indicates an unsafe use of a variable, but the variable may or may not be user input.
  • Weak - Typically means user input was indirectly used in a potentially unsafe manner.

To only get warnings above a given confidence level:

brakeman -w3

The -w switch takes a number from 1 to 3, with 1 being low (all warnings) and 3 being high (only highest confidence warnings).
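As an added example, not part of Brakeman itself: a small Ruby script that applies the three mechanisms described above to a Brakeman JSON report: the -w confidence threshold, the fingerprint list in config/brakeman.ignore, and the new/fixed diff that --compare produces. The report and ignore-file contents are constructed samples; the field names (warnings, fingerprint, confidence, ignored_warnings) follow Brakeman's JSON output, while the exact output shape of compare_reports is this script's own.

```ruby
require 'json'
# Brakeman's confidence labels mapped onto the -w scale: 1 = Weak (all), 2 = Medium, 3 = High.
CONFIDENCE_LEVEL = { 'High' => 3, 'Medium' => 2, 'Weak' => 1 }.freeze

# Constructed sample reports (not real scan output); field names follow Brakeman's JSON report.
OLD_REPORT = { 'warnings' => [
  { 'fingerprint' => 'fp-sql-1', 'warning_type' => 'SQL Injection', 'confidence' => 'High',
    'file' => 'app/models/user.rb', 'line' => 12 },
  { 'fingerprint' => 'fp-redirect-1', 'warning_type' => 'Redirect', 'confidence' => 'Weak',
    'file' => 'app/controllers/home_controller.rb', 'line' => 8 }
] }.to_json
NEW_REPORT = { 'warnings' => [
  { 'fingerprint' => 'fp-redirect-1', 'warning_type' => 'Redirect', 'confidence' => 'Weak',
    'file' => 'app/controllers/home_controller.rb', 'line' => 8 },
  { 'fingerprint' => 'fp-mass-1', 'warning_type' => 'Mass Assignment', 'confidence' => 'Medium',
    'file' => 'app/controllers/users_controller.rb', 'line' => 30 }
] }.to_json

# Constructed config/brakeman.ignore contents; entries are matched by fingerprint.
IGNORE_FILE = { 'ignored_warnings' => [
  { 'fingerprint' => 'fp-mass-1', 'note' => 'reviewed: attributes are filtered upstream' }
] }.to_json

# Equivalent of -w<min_level>: keep only warnings at or above the threshold.
def warnings_at_or_above(report_json, min_level)
  JSON.parse(report_json)['warnings'].select do |w|
    CONFIDENCE_LEVEL.fetch(w['confidence'], 1) >= min_level
  end
end

# Drop warnings whose fingerprint is listed in the ignore file.
def apply_ignore(warnings, ignore_json)
  ignored = JSON.parse(ignore_json)['ignored_warnings'].map { |i| i['fingerprint'] }
  warnings.reject { |w| ignored.include?(w['fingerprint']) }
end

# Equivalent of --compare: diff two reports by fingerprint into "new" and "fixed" lists.
def compare_reports(old_json, new_json)
  old_w = JSON.parse(old_json)['warnings']
  new_w = JSON.parse(new_json)['warnings']
  old_fps = old_w.map { |w| w['fingerprint'] }
  new_fps = new_w.map { |w| w['fingerprint'] }
  { 'new' => new_w.reject { |w| old_fps.include?(w['fingerprint']) },
    'fixed' => old_w.reject { |w| new_fps.include?(w['fingerprint']) } }
end

# CI gate mirroring Brakeman's default: non-zero exit when any warning survives filtering.
def ci_exit_code(report_json, ignore_json, min_level)
  apply_ignore(warnings_at_or_above(report_json, min_level), ignore_json).empty? ? 0 : 1
end
```

Feeding this script a report produced with brakeman -f json -o report.json reproduces locally the decision Brakeman makes when it exits non-zero on warnings.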

Configuration files

Brakeman options can be stored and read from YAML files.

To simplify the process of writing a configuration file, the -C option will output the currently set options:

$ brakeman -C --skip-files plugins/
---
:skip_files:
- plugins/

Options passed in on the commandline have priority over configuration files.

The default config locations are ./config/brakeman.yml, ~/.brakeman/config.yml, and /etc/brakeman/config.yml.

The -c option can be used to specify a configuration file to use.

Continuous Integration

There is a plugin available for Jenkins/Hudson.

For even more continuous testing, try the Guard plugin.

There are a couple of GitHub Actions available.

Building

git clone git://github.com/presidentbeef/brakeman.git
cd brakeman
gem build brakeman.gemspec
gem install brakeman*.gem

Who is Using Brakeman?

..and more!

Homepage/News

Website: http://brakemanscanner.org/

Twitter: https://twitter.com/brakeman

Chat: https://gitter.im/presidentbeef/brakeman

License

Brakeman is free for non-commercial use.

See COPYING for details.
