Static program analysis is the analysis of computer software that is performed without actually executing programs (analysis performed on executing programs is known as dynamic analysis). The term is usually applied to the analysis performed by an automated tool, with human analysis being called program understanding, program comprehension, or code review. – More on Static Analysis
Brakeman is an open source vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development.
Unlike typical website vulnerability scanners, Brakeman scans your source code for vulnerabilities. This means security testing can begin at any stage of development. There is no need for deployment or setting up the full web stack. In fact, your code does not even need to be fully functional.
Getting started with Brakeman is as simple as adding the gem to your bundle and running brakeman from your app directory. Brakeman will then start analysing your application.
Because Brakeman does not rely on following links on your website, it can perform a more thorough scan of your application. It also makes it possible to find vulnerabilities before they are actually exploitable from the live website.
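To make the "analysis without executing the program" idea concrete, here is an added example (not Brakeman's code, and far simpler than its real checks) of a miniature Rails source scanner written with Ruby's standard-library Ripper parser. It walks the parsed syntax tree and flags calls to a set of SQL-building methods whose first argument is a string literal with #{...} interpolation, one of the classic injection patterns in Rails code. The sink list (SQL_SINKS) and the sample controller are assumptions constructed for the example; note that the controller references models that do not exist here and could never run, yet it is analysed just the same, which is the point the text makes.

```ruby
require "ripper"

# Method names treated as raw-SQL sinks. This list is an assumption made for
# the example; it is not Brakeman's own list of checks.
SQL_SINKS = %w[where find_by_sql execute order group having select].freeze

Finding = Struct.new(:line, :sink, :snippet)

# Ripper node shapes handled here:
#   [:method_add_arg, call_node, [:arg_paren, args]]   recv.m(args) / m(args)
#   [:call, recv, period, ident]                        recv.m
#   [:fcall, ident]                                     m
#   [:command, ident, args]                             m args
#   [:command_call, recv, period, ident, args]          recv.m args
def call_ident(node)
  case node[0]
  when :method_add_arg then call_ident(node[1])
  when :call, :command_call then node[3]
  when :fcall, :command then node[1]
  end
end

def call_args(node)
  case node[0]
  when :method_add_arg, :command then node[2]
  when :command_call then node[4]
  end
end

# First positional argument of a call, or nil when there is none.
def first_arg(args)
  return nil unless args.is_a?(Array)
  args = args[1] if args[0] == :arg_paren        # m(...) wraps its args
  return nil unless args.is_a?(Array)
  args = args[1] if args[0] == :args_add_block   # [:args_add_block, [arg, ...], block]
  args.is_a?(Array) && args.first.is_a?(Array) ? args.first : nil
end

# True for a string literal that contains #{...} interpolation.
def interpolated_string?(node)
  return false unless node.is_a?(Array) && node[0] == :string_literal
  content = node[1]
  content.is_a?(Array) && content[0] == :string_content &&
    content.drop(1).any? { |part| part.is_a?(Array) && part[0] == :string_embexpr }
end

# Depth-first walk over every S-expression node in the tree.
def each_node(node, &blk)
  return unless node.is_a?(Array)
  yield node if node[0].is_a?(Symbol)
  node.each { |child| each_node(child, &blk) }
end

# Parse the source and report every SQL sink whose first argument is an
# interpolated string. Returns [] when the source does not parse at all.
def scan_for_sql_interpolation(source)
  tree = Ripper.sexp(source)
  return [] unless tree
  lines = source.lines
  findings = []
  each_node(tree) do |node|
    ident = call_ident(node)
    next unless ident.is_a?(Array) && ident[0] == :@ident && SQL_SINKS.include?(ident[1])
    next unless interpolated_string?(first_arg(call_args(node)))
    line = ident[2][0]
    findings << Finding.new(line, ident[1], lines[line - 1].strip)
  end
  findings
end

# Constructed sample: a controller that references models which do not exist
# here, so it could never run, yet it can still be analysed.
SAMPLE_CONTROLLER = <<~'RUBY'
  class UsersController < ApplicationController
    def search
      # Unsafe: request data interpolated straight into SQL
      @users = User.where("name LIKE '%#{params[:q]}%'")
      # Safe: bind parameter
      @safe = User.where("name LIKE ?", "%#{params[:q]}%")
      # Safe: hash condition
      @also_safe = User.where(name: params[:q])
      ActiveRecord::Base.connection.execute "DELETE FROM logs WHERE id = #{params[:id]}"
    end
  end
RUBY

if __FILE__ == $PROGRAM_NAME
  scan_for_sql_interpolation(SAMPLE_CONTROLLER).each do |f|
    puts "line #{f.line}: #{f.sink} called with interpolated SQL -> #{f.snippet}"
  end
end
```

Running the file reports lines 4 and 9 of the sample and stays silent on the parameterised and hash-condition calls. A real tool such as Brakeman goes much further (tracking where the interpolated value came from, recognising many more sinks, and avoiding false positives such as interpolating a constant), but the shape is the same: parse, walk, match patterns, never execute.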