Brakeman Free Security Software
Ruby Based Static Analysis Security Vulnerability Scanner
Brakeman is a free code analysis and security vulnerability scanner for Ruby on Rails applications. It finds issues in code before they become exploitable.
Overview
Brakeman is a open source static code analysis tool to check Ruby on Rails applications for security vulnerabilities. It comes as an open source project with optional commercial support for vulnerability detection in Rails applications. Brakeman static analysis tool scans for known insecure patterns and configurations in your source code before the code reaches production. It is the most comprehensive security scanner that provides an easy to read vulnerability assessment report and reports can be generated while building or deploying an app to sandbox or production environments. Brakeman can also be used for Sinatra and any other kind of rack application to find security issues.
Brakeman static code analysis security tool separates issues in different high, medium and weak levels. It scans all files in source code of an application to find potential security vulnerabilities at any stage of development. Every time new code changes are committed to the code repository, the brakeman source code scanner runs to check for security vulnerabilities by performing a static analysis of the code. This tool will catch many known vulnerabilities such as SQL Injection, Command injection, Cross Site Scripting and more. Brakeman is an open source source code analysis tool with 6.1K GitHub stars and 652 GitHub forks.
System Requirements
The following key dependency packages are required to install Brakeman static analysis software:
- Ruby: 2.3.0
- Rails: 2.3.x or above
- Bundler
- RubyMine editor
- Git
Features
Some of the great features of Brakeman static code analysis tool are listed below:
- Command line interface
- Fast source code scans
- Zero configuration required
- Security scans at any point
- Rails data flow analysis
- Detects 20+ vulnerability types
- JSON reports
- False positive management
- Open source
Installation
Install Brakeman On Ubuntu
Brakeman source code scanner is simple and easy to get started software. Brakeman source code scanning tool can be installed as a Ruby gem or via Docker. Run the following using rubygems in project directory:
gem install brakeman
If you want to install using Bundler, add the following to your Gemfile or gems.rb:
gem "brakeman"
Then run bundler to install gems:
bundle install
Run Brakeman static analysis software from the root of your Ruby on Rails application:
cd path/to/your/app
brakeman
To fetch the latest build of Brakeman static code analysis using Docker run below:
docker pull presidentbeef/brakeman
Now run Brakeman static analysis security from the root of your Ruby on Rails application:
cd path/to/your/app
docker run -v "$(pwd)":/code brakeman --color
For building from source you will need Git, Ruby, and RubyGems installed.
git clone https://github.com/presidentbeef/brakeman.git
cd brakeman
gem build brakeman.gemspec
gem install brakeman-*.gem
There are some scanning checks which are not run by default. Run below to run all checks:
brakeman -A
Brakeman open source scan is run as a command line tool and it needs the root directory of the ruby on rails application to get started and to scan source code for vulnerabilities. Once Brakeman static code analysis is running and producing reports, it’s time to start fixing reported issues. After fixing an issue, run Brakeman once again.
Congratulations! You have now set up the Brakeman Tool static analysis tool. Enjoy!
FAQs
What is Brakeman security used for?
Brakeman is a static analysis, zero-setup and vulnerability scanner software for Ruby on Rails applications. It is fast, easy to use and automated static code analysis tool. It statically analyzes the source code of Rails applications and provides information report about potential security vulnerabilities.
Is Brakeman free?
Brakeman is a free to use and dowload for non-commercial use.
Is Brakeman open source?
Brakeman is an open source security scanner and source code analysis tool for Ruby on Rails applications. Brakeman source code repository is available at Github.
In what language is Brakeman written?
Brakeman code analysis tool is written in Ruby programming language.
What is Brakeman vs Snyk?
Brakeman directly scans for security vulnerabilities, known insecure patterns and configurations in your aplication source code similar to bundler-audit software. The brakeman command analysis will run and output the results in your Rails project. While Snyk vulnerability scanning tool automatically detects and fixes vulnerabilities in your application code, containers, Kubernetes, Terraform, Node and npm dependencies.