Brakeman is an open source static code analysis tool that checks Ruby on Rails applications for security vulnerabilities.

Brakeman Free Security Software

Ruby-based static analysis security vulnerability scanner

Brakeman is a free code analysis and security vulnerability scanner for Ruby on Rails applications. It finds issues in code before they become exploitable.

Brakeman is an open source static code analysis tool that checks Ruby on Rails applications for security vulnerabilities. The scanner itself is open source; commercial support is offered separately. Because it works on source code alone, with no need to run the application, it can be used before code reaches production: on every commit, or as a step in the build or deployment pipeline for a staging or production environment. It looks for known insecure patterns and configurations and produces an easy-to-read vulnerability report. Brakeman can also be pointed at Sinatra and other Rack applications, although its checks are written around Rails conventions, so coverage there is narrower.

Brakeman rates every warning with a confidence level: High, Medium or Weak. It scans the whole source tree of an application and can be run at any stage of development; a common setup runs it automatically every time new changes are pushed to the repository. Because it performs static analysis rather than executing the application, it catches well-known vulnerability classes such as SQL injection, command injection, cross-site scripting and mass assignment by recognising the code patterns that cause them. At the time of writing the project had about 6.1K GitHub stars and 652 forks.
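
The three vulnerability classes named above, shown as the code shape Brakeman warns about next to the hardened shape it does not. This is an added example written for this page, not code from the Brakeman project: it models the Rails patterns in plain Ruby (no Rails install needed) and uses constructed attacker inputs, so it runs stand-alone and shows the injected behaviour directly.

```ruby
# Added example (not Brakeman's own code): plain-Ruby models of three patterns
# Brakeman flags, each beside its hardened form. The Rails calls named in the
# comments are the ones the corresponding Brakeman check looks for.
require "erb"    # ERB::Util.html_escape is the escaping Rails' <%= %> applies
require "open3"

# --- SQL injection -------------------------------------------------------
# Brakeman's SQL check flags user input interpolated into the query string,
# e.g. User.where("name = '#{params[:name]}'").
def unsafe_where(name)
  "SELECT * FROM users WHERE name = '#{name}'"
end

# Hardened: keep the value out of the SQL text and pass it as a bind parameter,
# the shape Brakeman accepts (User.where("name = ?", params[:name])).
def safe_where(name)
  ["SELECT * FROM users WHERE name = ?", name]
end

# --- Command injection ---------------------------------------------------
# Brakeman's Execute check flags input interpolated into backticks, system or
# exec with a single string, because /bin/sh parses that string.
def unsafe_echo(arg)
  `echo #{arg}`
end

# Hardened: pass the program and each argument separately; no shell is
# involved, so metacharacters in arg stay literal.
def safe_echo(arg)
  out, _status = Open3.capture2("echo", arg)
  out
end

# --- Cross-site scripting ------------------------------------------------
# Brakeman's CrossSiteScripting check flags raw(...), html_safe and <%== %>
# applied to values that come from params or model attributes.
def unsafe_greeting(name)
  "<p>Hello, #{name}</p>"          # what raw("Hello, #{name}") emits in a view
end

# Hardened: escape before embedding, which is what <%= %> does by default.
def safe_greeting(name)
  "<p>Hello, #{ERB::Util.html_escape(name)}</p>"
end

# Constructed attacker-controlled inputs (assumptions for the demo).
SQL_PAYLOAD = "' OR '1'='1"
CMD_PAYLOAD = "hello; echo INJECTED"
XSS_PAYLOAD = "<script>alert(1)</script>"

if __FILE__ == $PROGRAM_NAME
  puts unsafe_where(SQL_PAYLOAD)    # WHERE clause is now always true
  p safe_where(SQL_PAYLOAD)         # payload travels as a bind value
  puts unsafe_echo(CMD_PAYLOAD)     # two lines: the injected command ran
  puts safe_echo(CMD_PAYLOAD)       # one line: the semicolon is printed literally
  puts unsafe_greeting(XSS_PAYLOAD) # script tag lands in the page as markup
  puts safe_greeting(XSS_PAYLOAD)   # script tag is rendered as text
end
```

Run it with `ruby brakeman_patterns.rb`. The unsafe/safe pairs are exactly the kind of difference Brakeman's data-flow analysis tracks: the warning is raised when something derived from `params` reaches the sink (query string, shell string, unescaped output) without passing through a bind, an argument array or an escape.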

System Requirements

The following are needed to install and run Brakeman:

  • Ruby: 2.3.0 or later (newer Brakeman releases require newer Rubies; check the release notes for the version you install)
  • A Rails application to scan: Rails 2.3.x or later
  • Bundler, if you install Brakeman through the application's Gemfile
  • Git, only if you build Brakeman from source

No IDE is required; Brakeman is a command line tool.

Features

Key features of Brakeman include:

  • Command line interface
  • Fast source code scans
  • Zero configuration required
  • Security scans at any point
  • Rails data flow analysis
  • Detects 20+ vulnerability types
  • JSON reports
  • False positive management
  • Open source

Installation

Install Brakeman On Ubuntu

Brakeman is quick to set up. It can be installed as a Ruby gem or run from a Docker image. To install the gem (this can be run from any directory, not only the project):

gem install brakeman

If you prefer Bundler, add the following to your Gemfile or gems.rb. Brakeman is a development-time tool and is not needed in production, so most teams place it in the development group:

gem "brakeman"

Then run bundler to install gems:

bundle install

Run Brakeman from the root of your Ruby on Rails application:

cd path/to/your/app
brakeman

To use the Docker image instead, fetch the latest build from Docker Hub:

docker pull presidentbeef/brakeman

Then run it from the root of your Rails application, mounting the source tree at /code, which is where the image expects the application:

cd path/to/your/app
docker run -v "$(pwd)":/code presidentbeef/brakeman --color

For building from source you will need Git, Ruby, and RubyGems installed.

git clone https://github.com/presidentbeef/brakeman.git
cd brakeman
gem build brakeman.gemspec
gem install brakeman-*.gem

Some checks are not run by default because they are noisier or only apply to particular setups. To run every check:

brakeman -A

Brakeman is a command line tool whose input is the root directory of a Rails application. By default it prints a text report to the terminal and exits with status 3 when it finds warnings, so it fails a CI job without extra wiring; -f json -o FILE writes a machine-readable report instead, and -q suppresses progress output. Once a scan produces warnings, work through them starting with the High confidence ones, fix the code, and rerun Brakeman to confirm each warning is gone. Genuine false positives can be recorded with the interactive ignore mode (brakeman -I), which stores their fingerprints in config/brakeman.ignore so later scans skip them.
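
A CI gate built on the JSON report and the ignore file, as an added example for the procedure above; this is not Brakeman's own code. It assumes a report produced with `brakeman -f json -o brakeman.json` and an ignore file in Brakeman's config/brakeman.ignore layout. Both inputs here are constructed samples embedded in the script; the field names (warnings[] with warning_type, confidence, fingerprint, file, line, message, code; ignored_warnings[] with fingerprint and note) follow Brakeman's JSON format, but the values are made up.

```ruby
# Added example (not Brakeman's own code): read Brakeman's JSON report, drop
# warnings whose fingerprint is recorded in brakeman.ignore, and fail the build
# when anything at or above a chosen confidence level remains.
require "json"

# Constructed sample report in the shape of `brakeman -f json` output.
SAMPLE_REPORT = <<~'JSON'
  {
    "scan_info": { "security_warnings": 3 },
    "warnings": [
      { "warning_type": "SQL Injection", "check_name": "SQL", "confidence": "High",
        "fingerprint": "aaa111", "file": "app/models/user.rb", "line": 12,
        "message": "Possible SQL injection",
        "code": "User.where(\"name = '#{params[:name]}'\")" },
      { "warning_type": "Mass Assignment", "check_name": "PermitAttributes", "confidence": "Medium",
        "fingerprint": "bbb222", "file": "app/controllers/users_controller.rb", "line": 40,
        "message": "Potentially dangerous key allowed for mass assignment",
        "code": "params.require(:user).permit(:role)" },
      { "warning_type": "Cross-Site Scripting", "check_name": "CrossSiteScripting", "confidence": "Weak",
        "fingerprint": "ccc333", "file": "app/views/posts/show.html.erb", "line": 7,
        "message": "Unescaped model attribute",
        "code": "raw(Post.find(params[:id]).body)" }
    ],
    "errors": []
  }
JSON

# Constructed sample ignore file. Real entries written by `brakeman -I` carry the
# full warning plus a note; only fingerprint and note matter to this gate.
SAMPLE_IGNORE = <<~'JSON'
  {
    "ignored_warnings": [
      { "fingerprint": "bbb222",
        "note": "role is checked against an allowlist in UsersController#create" }
    ]
  }
JSON

CONFIDENCE_RANK = { "High" => 3, "Medium" => 2, "Weak" => 1 }.freeze

# Warnings that should block the build: confidence at or above min_confidence
# and fingerprint not present in the ignore file. Unknown confidence strings
# rank as 0 so a malformed entry never silently passes as "High".
def blocking_warnings(report_json, ignore_json, min_confidence: "Medium")
  report    = JSON.parse(report_json)
  ignored   = JSON.parse(ignore_json).fetch("ignored_warnings", []).map { |w| w["fingerprint"] }
  threshold = CONFIDENCE_RANK.fetch(min_confidence)
  report.fetch("warnings", []).select do |w|
    CONFIDENCE_RANK.fetch(w["confidence"], 0) >= threshold && !ignored.include?(w["fingerprint"])
  end
end

def format_warning(w)
  "#{w['confidence']}: #{w['warning_type']} in #{w['file']}:#{w['line']}\n" \
    "    #{w['message']}\n    #{w['code']}"
end

# Exit status for CI: 0 when nothing blocks, 1 otherwise. Brakeman itself exits
# 3 on any warning; this gate applies a team policy (confidence floor plus
# reviewed ignores) on top of the report instead.
def gate_exit_status(report_json, ignore_json, min_confidence: "Medium")
  blocking = blocking_warnings(report_json, ignore_json, min_confidence: min_confidence)
  blocking.each { |w| warn format_warning(w) }
  blocking.empty? ? 0 : 1
end

if __FILE__ == $PROGRAM_NAME
  ignore_path = "config/brakeman.ignore"
  ignore_text = File.exist?(ignore_path) ? File.read(ignore_path) : SAMPLE_IGNORE
  if ARGV[0]
    # Real use: ruby brakeman_gate.rb brakeman.json
    exit gate_exit_status(File.read(ARGV[0]), ignore_text)
  else
    # Demo on the constructed sample: the SQL injection blocks, the mass
    # assignment is ignored by fingerprint, the Weak XSS is below the floor.
    puts "gate status: #{gate_exit_status(SAMPLE_REPORT, ignore_text)}"
  end
end
```

In a pipeline this runs right after `brakeman -q -f json -o brakeman.json --no-exit-on-warn`, letting Brakeman produce the report without failing the job itself so that the gate's policy is the single source of pass/fail. Keeping the ignore file under review (every entry needs a note) is what stops "false positive management" from turning into a way to hide real findings.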

That completes the Brakeman setup.

Explore

In this article we discussed Brakeman, an open source static code analysis tool for Rails applications. To learn about other open source security scanning tools, please visit the following page: