Installation

Install Brakeman On Ubuntu

Brakeman source code scanner is simple and easy to get started software. Brakeman source code scanning tool can be installed as a Ruby gem or via Docker. Run the following using rubygems in project directory:

    gem install brakeman

If you want to install using Bundler, add the following to your Gemfile or gems.rb:

    gem "brakeman"

Then run bundler to install gems:

    bundle install

Run Brakeman static analysis software from the root of your Ruby on Rails application:

    cd path/to/your/app
    brakeman 

To fetch the latest build of Brakeman static code analysis using Docker run below:

    docker pull presidentbeef/brakeman

Now run Brakeman static analysis security from the root of your Ruby on Rails application:

    cd path/to/your/app
    docker run -v "$(pwd)":/code brakeman --color

For building from source you will need Git, Ruby, and RubyGems installed.

    git clone https://github.com/presidentbeef/brakeman.git
    cd brakeman
    gem build brakeman.gemspec
    gem install brakeman-*.gem

There are some scanning checks which are not run by default. Run below to run all checks:

    brakeman -A

Brakeman open source scan is run as a command line tool and it needs the root directory of the ruby on rails application to get started and to scan source code for vulnerabilities. Once Brakeman static code analysis is running and producing reports, it’s time to start fixing reported issues. After fixing an issue, run Brakeman once again.

Congratulations! You have now set up the Brakeman Tool static analysis tool. Enjoy!