Top Ruby Frameworks & Libraries for security

A static analysis security vulnerability scanner for Ruby on Rails applications

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites....

Manages application of security headers with many safe defaults

Web Application Security Scanner Framework

Authorization service and frontend for Docker registry (v2)

Web framework that allows performing periodic syncs of data sources and performing analysis on the identified results...

InSpec: Auditing and Testing Framework

Checklist of security precautions for Ruby on Rails applications.

🔑 Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)...

📙 Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report

๐Ÿ†Core Infrastructure Initiative Best Practices Badge

A Ruby framework designed to aid in the penetration testing of WordPress systems.

🍯 Unobtrusive and flexible spam protection for Rails apps

An enterprise security extension for devise, trying to meet industrial standard security demands for web applications....

Application template for Rails 6 projects; preloaded with best practices for TDD, security, deployment, and developer productivity....

Dawn is a static analysis security scanner for web applications written in Ruby. It supports Sinatra, Padrino and Ruby on Rails frameworks....

DevSec Linux Baseline - InSpec Profile

Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem

Visualize your AWS security groups.

Dradis Framework: Collaboration and reporting for IT Security teams

Rails 4.1 starter app with production ready performance, security, and authentication.

Application Security Automation

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

This chef cookbook provides numerous security-related configurations, providing all-round base protection....

Data analysis and OSINT framework for Twitter

CIS Docker Benchmark - InSpec Profile

Comfortable (seriously) white-list security restrictions for models on a field level

Linting tool for CloudFormation templates

Patch-level verification for Bundler

A security extension for devise, meeting industrial standard security demands for web applications.

Kubernetes RBAC static Analysis & visualisation tool

(deprecated) Android application vulnerability analysis and Android pentest tool

Simple role based security for restful_authentication. I am no longer involved in this project. If you are interested in becoming the new maintainer and making it...

API Fuzzer which allows fuzzing request attributes using common pentesting techniques and lists vulnerabilities...

๐Ÿ” PasswordPusher is an application to securely communicate passwords over the web. Passwords automatically expire after a certain number of views and/or time has...

Multi-threaded AWS inventory collection tool with a focus on security-relevant resources and metadata....