I would like to know whether there are any free tools available which can be used to test security vulnerabilities in a rails app. I came across skipfish, which I found was not very intuitive in its report. Are there any similar tools available?
Update
I've found a tool, ZAP, which can be used for doing penetration testing for any Web applications. You can easily automate it by integrating it with testing tools such as Selenium. This looks really cool and has many features and easy to use too.
Lee开发者_如何学运维na
Rails Best Practices already mentioned is very good for general code quality checks, but specifically for security vulnerabilities checks, definitely have a look at Brakeman, "an open source vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development".
You could also hook your app in to Rails Brakeman to have the Brakeman security report run every time you do a commit at Github.
I can see only the book about it Rails Security Guides
To overall check your code use rails_best_practices gem
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论