guardrails / guardrails
Licence: other
guardrails.cs.virginia.edu
Stars: ✭ 18
Programming Languages
actionscript
884 projects
ruby
36898 projects - #4 most used programming language
C#
18002 projects
PHP
23972 projects - #3 most used programming language
javascript
184084 projects - #8 most used programming language
HTML
75241 projects
Projects that are alternatives of or similar to guardrails
UltimateCMSWordlists
📚 An ultimate collection wordlists of the best-known CMS
Stars: ✭ 54 (+200%)
Mutual labels: web-security, web-security-research
WDIR
Good resources about web security that I have read.
Stars: ✭ 14 (-22.22%)
Mutual labels: web-security, web-security-research
Mobile Security Framework Mobsf
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+56633.33%)
Mutual labels: dynamic-analysis, web-security
challenges-back-end
Repositório referente à desafios de Back End da womakerscode
Stars: ✭ 68 (+277.78%)
Mutual labels: ruby-on-rails
lamby-cookiecutter
AWS SAM Cookiecutter to Quick Start Rails & Lambda 🐑🛤
Stars: ✭ 17 (-5.56%)
Mutual labels: ruby-on-rails
CJ2018-Final-CTF
Cyber Jawara 2018 Final - Attack & Defense CTF services environments based on Docker.
Stars: ✭ 58 (+222.22%)
Mutual labels: web-security
campaign-manager
The Camapign Management UI for RTB4Free, the open source bidder / DSP.
Stars: ✭ 24 (+33.33%)
Mutual labels: ruby-on-rails
Devise-Omniauth-Multiple-Providers
Devise Multiple Omniauth Providers
Stars: ✭ 34 (+88.89%)
Mutual labels: ruby-on-rails
prefixed ids
Friendly Prefixed IDs for your Ruby on Rails models
Stars: ✭ 159 (+783.33%)
Mutual labels: ruby-on-rails
active record-updated at
Touch `updated_at` by default with calls to `update_all` and `update_column(s)`
Stars: ✭ 27 (+50%)
Mutual labels: ruby-on-rails
jitana
A graph-based static-dynamic hybrid DEX code analysis tool
Stars: ✭ 35 (+94.44%)
Mutual labels: dynamic-analysis
awesome-malware-analysis
Defund the Police.
Stars: ✭ 9,181 (+50905.56%)
Mutual labels: dynamic-analysis
MyopicVicar
MyopicVicar (short-sighted clergyman!) is an open-source genealogy record database and search engine. It powers the FreeREG database of parish registers, the FreeCEN database of census records, the next version of FreeBMD database of Civil Registration indexes and other Genealogical applications.
Stars: ✭ 40 (+122.22%)
Mutual labels: ruby-on-rails
docker-rails-demo
Demo app for Rails, Docker and Webpack
Stars: ✭ 29 (+61.11%)
Mutual labels: ruby-on-rails
graphql-ruby-sample
Sample application for demonstrating GraphQL Ruby on Rails integration
Stars: ✭ 16 (-11.11%)
Mutual labels: ruby-on-rails
lcbo-api
A crawler and API server for Liquor Control Board of Ontario retail data
Stars: ✭ 152 (+744.44%)
Mutual labels: ruby-on-rails
railways
A plugin for RubyMine and IntelliJ IDEA Ultimate that adds a panel with routes of Ruby on Rails application.
Stars: ✭ 44 (+144.44%)
Mutual labels: ruby-on-rails
bioportal web ui
A Rails application for biological ontologies
Stars: ✭ 20 (+11.11%)
Mutual labels: ruby-on-rails
exception hunter
Crash reporting engine to hunt down bugs 🐞
Stars: ✭ 78 (+333.33%)
Mutual labels: ruby-on-rails
GEM REQUIREMENTS: ----------------- - Ruby on Rails [version 2.x.x] (Rails 3 not yet supported) - ruby_parser [2.0.5+] - ruby2ruby [1.2.5+] - nokogiri [1.4.4+] and mechanize WHAT VERSIONS OF RUBY ARE SUPPORTED? ------------------------------------ Ruby 1.8 is necessary to run the ruby_parser and ruby2ruby gems and must be the version of Ruby that is used when performing transformations. That being said, GuardRails supports both Ruby 1.8 and Ruby 1.9, so once the GuardRails transformation has been performed, either Ruby 1.8.x or Ruby 1.9.x may be used to run the application. GUARDRAILS SETUP: ----------------- To initially set up GuardRails, follow these steps: 1. Install the required gems 2. Download a copy of GuardRails 3. Navigate the GuardRails package to the RawApps folder and place a working copy of your Rails application in the folder. 4. Go to RawApps/yourApp/config. Copy the template "config.gr" from the root of the GuardRails package and place them here. You will want to edit these for each application individually. 5. To test your setup, in the root of the GuardRails package, execute the "run.sh" shell script, passing in the name of the folder containing your application in the RawApps directory: ~$ ./run.sh yourApp 6. Run rake db:migrate in your new application. This will add the extra fields needed for taint tracking. This process preserves the database from the "RawApps" version in the "ProdApps" version, but note that any changes to the "ProdApps" database will be lost if the GuardRails transformation is performed again. Update: In the latest version of GuardRails, rake db:migrate only needs to be run the first time the transformation is performed. In subsequent transformations, the database in the "ProdApps" folder is preserved, rather than replaced by the one in "RawApps". If you still would like the "ProdApps" database to be replaced, run the GuardRails transformation with the "-r" flag and then re-run rake db:migrate in the "ProdApps" folder. GEM MODIFICATIONS (Improved explanation coming soon, this portion can be avoided for now): ------------------ Because string interpolation is only controlled by native Ruby code, it can potentially drop taint information. For this reason, any cases of interpolation must be removed from ruby libraries that are used in your application that may handle sensitive string information. Note that this is done for your application by default. Rails, however, must be modified to remove interpolation. Currently, this can be done with the following steps: 1. Replace the ruby2ruby.rb file in your gem library with the ruby2ruby.rb file given in the repository 2. Back up a copy of the rails gem you are using 3. Run the 'converter.rb' file Ruby 1.8 giving the directory of the actionpack gem for the version of rails you are using Note that this only removes interpolation from actionpack rails files, but this is often sufficient to secure the application. This transformation will soon be able to be applied to all of rails and arbitrary code libraries. In addition, we will soon provide pre-transformed versions of rails that can be installed simply as another version of rails and thus no rails gems will need to be modified.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].