Category

Security Tools


13.05
A long-lived project that still receives updates
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments. It's built on top of Nokogiri and libxml2, so it's fast and has a nice API. Loofah excels at HTML sanitization (XSS prevention). It includes some nice HTML sanitizers, which are based on HTML5lib's whitelist, so it most likely won't make your codes less secure. (These statements have not been evaluated by Netexperts.) ActiveRecord extensions for sanitization are available in the [`loofah-activerecord` gem](https://github.com/flavorjones/loofah-activerecord).
 Popularity
Downloads
89,490,012
Stars
697
Forks
93
Watchers
17
 Releases
Current version
2.2.3
Total releases
30
First release
Latest release
 Activity
Issue Closure Rate
84%
Pull Request Acceptance Rate
58%
Average date of last 50 commits
within last year
Reverse Dependencies
53
3.79
A long-lived project that still receives updates
Brakeman detects security vulnerabilities in Ruby on Rails applications via static analysis.
 Popularity
Downloads
14,759,166
Stars
5,106
Forks
459
Watchers
181
 Releases
Current version
4.3.1
Total releases
115
First release
Latest release
 Activity
Issue Closure Rate
89%
Pull Request Acceptance Rate
88%
Average date of last 50 commits
within last 3 months
Reverse Dependencies
56
0.24
No release in over 3 years
Low commit activity in last 3 years
There's a lot of open issues
Adds methods to set and authenticate against one-time passwords. Inspired by AM::SecurePassword
 Popularity
Downloads
668,134
Stars
425
Forks
42
Watchers
15
 Releases
Current version
1.2.0
Total releases
6
First release
Latest release
 Activity
Issue Closure Rate
50%
Pull Request Acceptance Rate
77%
Average date of last 50 commits
more than 2 years ago
Reverse Dependencies
0
0.2
No release in over 3 years
There's a lot of open issues
Codesake::Dawn is a security source code scanner for ruby powered code. Starting from January 07, 2015 this gem is renamed to dawnscanner and this version is no longer supported. Please, upgrade your Gemfile.
 Popularity
Downloads
52,930
Stars
555
Forks
61
Watchers
32
 Releases
Current version
1.2.99
Total releases
26
First release
Latest release
 Activity
Issue Closure Rate
71%
Pull Request Acceptance Rate
70%
Average date of last 50 commits
within last 2 years
Reverse Dependencies
0
0.14
No commit activity in last 3 years
No release in over 3 years
There's a lot of open issues
Tarantula is a big fuzzy spider. It crawls your Rails 2.3 and 3.x applications, fuzzing data to see what breaks.
 Popularity
Downloads
38,793
Stars
451
Forks
27
Watchers
36
 Releases
Current version
0.5.1
Total releases
13
First release
Latest release
 Activity
Issue Closure Rate
67%
Pull Request Acceptance Rate
16%
Average date of last 50 commits
more than 2 years ago
Reverse Dependencies
0
0.09
Repository is archived
No commit activity in last 3 years
xss_terminate is a plugin that makes stripping and sanitizing HTML stupid-simple. Install and forget. And forget about forgetting to h() your output, because you won't need to anymore.
 Popularity
Stars
111
Forks
19
Watchers
3
 Activity
Issue Closure Rate
100%
Pull Request Acceptance Rate
0%
Average date of last 50 commits
more than 2 years ago
0.08
No commit activity in last 3 years
Find likely mass assignment vulnerabilities
 Popularity
Stars
116
Forks
11
Watchers
2
 Activity
Issue Closure Rate
75%
Pull Request Acceptance Rate
50%
Average date of last 50 commits
more than 2 years ago
0.03
No commit activity in last 3 years
No release in over 3 years
There's a lot of open issues
Provides two class methods on ActionController::Base that filter the params hash for that controller's actions. You can think of them as the controller analog of attr_protected and attr_accessible.
 Popularity
Downloads
32,205
Stars
88
Forks
8
Watchers
3
 Releases
Current version
4.0.0
Total releases
7
First release
Latest release
 Activity
Issue Closure Rate
42%
Pull Request Acceptance Rate
60%
Average date of last 50 commits
more than 2 years ago
Reverse Dependencies
0
0.02
No commit activity in last 3 years
No release in over 3 years
This plugin replaces the default ERB template handlers with erubis, and switches the behaviour to escape by default rather than requiring you to escape. This is consistent with the behaviour in Rails 3.0.
 Popularity
Downloads
95,579
Stars
4
Forks
4
Watchers
1
 Releases
Current version
0.5.1
Total releases
10
First release
Latest release
 Activity
Pull Request Acceptance Rate
77%
Average date of last 50 commits
more than 2 years ago
Reverse Dependencies
0
0.01
No commit activity in last 3 years
No release in over 3 years
Shell execution made easy and secure
 Popularity
Downloads
5,805
Stars
23
Forks
1
Watchers
3
 Releases
Current version
1.0.2
Total releases
3
First release
Latest release
 Activity
Average date of last 50 commits
more than 2 years ago
Reverse Dependencies
0
0.01
No commit activity in last 3 years
No release in over 3 years
Adds 'sudo' methods to update protected ActiveRecord attributes with mass assignment
 Popularity
Downloads
46,096
Stars
22
Forks
2
Watchers
1
 Releases
Current version
1.0.2
Total releases
8
First release
Latest release
 Activity
Average date of last 50 commits
more than 2 years ago
Reverse Dependencies
0
0.01
No commit activity in last 3 years
No release in over 3 years
A rack middleware for whitelisting and blacklisting IPs
 Popularity
Downloads
14,504
Stars
21
Forks
4
Watchers
3
 Releases
Current version
1.1.5
Total releases
7
First release
Latest release
 Activity
Issue Closure Rate
50%
Pull Request Acceptance Rate
50%
Average date of last 50 commits
more than 2 years ago
Reverse Dependencies
0
0.0
No commit activity in last 3 years
Checks Ruby on Rails models for use of the attr_accessible white list.
 Popularity
Stars
8
Forks
0
Watchers
2
 Activity
Average date of last 50 commits
more than 2 years ago
0.0
No commit activity in last 3 years
Ruby on Rails Plugin that automatically wraps html_escape() around ActiveRecord attribute methods associated with string and text fields in the database.
 Popularity
Stars
4
Forks
1
Watchers
6
 Activity
Issue Closure Rate
100%
Average date of last 50 commits
more than 2 years ago