Top 23 Ruby Security Projects

Security

• Add a project

1. Metasploit

   1 126 38,332 10.0 Ruby

   Metasploit Framework

   

   Project mention: GSoC 2026 Predictions: 30 NEW AI/ML/Security Organizations You Should Start Contributing to NOW! | dev.to | 2026-02-06

   Framework: https://github.com/rapid7/metasploit-framework ⭐ 34k+

2. SaaSHub

   www.saashub.com featured

   SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

   

3. wpscan

   2 26 9,622 3.3 Ruby

   WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com

   

   Project mention: WPScan: WordPress Security Scanner | news.ycombinator.com | 2025-12-24

4. Brakeman

   3 20 7,246 8.4 Ruby

   A static analysis security vulnerability scanner for Ruby on Rails applications

   

   Project mention: How to integrate Brakeman Security Scanner with GitHub Code Scanning | dev.to | 2025-12-22

   The Rails security scanner Brakeman supports the SARIF format, but I couldn't find any documentation about how to join all the pieces together and see Brakeman results in GitHub Code Scanning. This blog post is my answer to the question of how you do it.

5. WhatWeb

   4 2 6,634 7.6 Ruby

   Next generation web scanner

   

6. Rack::Attack

   5 15 5,742 6.3 Ruby

   Rack middleware for blocking & throttling

   

   Project mention: Rails Built-in Rate Limiting: A Deep Dive | dev.to | 2025-08-03

   Ruby on Rails 7.2 introduces a powerful, built-in rate limiting mechanism directly into Action Controller. This eliminates the need for third-party gems like rack-attack for many common use cases, offering a first-party, integrated solution for protecting your application from abuse.

7. WebHackersWeapons

   6 1 4,626 7.9 Ruby

   ⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

   

8. SecureHeaders

   7 2 3,226 7.3 Ruby

   Manages application of security headers with many safe defaults

   

9. inspec

   8 13 3,072 8.9 Ruby

   InSpec: Auditing and Testing Framework

   

10. PasswordPusher

    9 82 3,043 9.9 Ruby

    🔐 Securely share sensitive information with automatic expiration & deletion after a set number of views or duration. Track who, what and when with full audit logs.

    

    Project mention: Password Pusher: Share secrets securely with self-deleting links and audit logs | news.ycombinator.com | 2025-08-07

11. bundler-audit

    10 5 2,755 6.4 Ruby

    Patch-level verification for Bundler

    

12. OAuth2

    11 10 2,181 9.5 Ruby

    🔐 oauth2 - A Ruby wrapper for the OAuth 2.0, & 2.1 Authorization Frameworks, including OpenID Connect (OIDC) (by ruby-oauth)

    

    Project mention: 💎REL: oauth2 v2.0.18 | dev.to | 2026-03-31

    oauth2 v2.0.18 was released... almost five months ago. And I never got around to posting about it. Being unemployed is a LOT of work...

13. authentication-zero

    12 16 1,872 7.5 Ruby

    An authentication system generator for Rails applications.

    

14. cocoapods-keys

    13 2 1,550 2.1 Ruby

    A key value store for storing per-developer environment and application keys

    

15. rails-security-checklist

    14 1 1,365 1.8 Ruby

    :key: Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)

    

16. best-practices-badge

    15 2 1,340 9.7 Ruby

    🏆Open Source Security Foundation (OpenSSF) Best Practices Badge (formerly Core Infrastructure Initiative (CII) Best Practices Badge)

    

17. username-anarchy

    16 1 1,339 6.1 Ruby

    Username tools for penetration testing

    

18. cfn_nag

    17 14 1,307 0.0 Ruby

    Linting tool for CloudFormation templates

    

19. invisible_captcha

    18 2 1,242 3.9 Ruby

    🍯 Unobtrusive and flexible spam protection for Rails apps

    

20. MobileHackersWeapons

    19 1 1,239 6.8 Ruby

    Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

    

21. RbNaCl

    20 1 985 3.8 Ruby

    Ruby FFI binding to the Networking and Cryptography (NaCl) library (a.k.a. libsodium)

    

22. Hashids

    21 1 985 2.3 Ruby

    A small Ruby gem to generate YouTube-like hashes from one or many numbers. Use hashids when you do not want to expose your database ids to the user.

    

23. haiti

    22 21 983 7.5 Ruby

    :key: Hash type identifier (CLI & lib)

    

24. linux-baseline

    23 1 874 4.8 Ruby

    DevSec Linux Baseline - InSpec Profile

    

Ruby Security related posts

• Ronin – A Security Toolkit

  1 project | news.ycombinator.com | 14 Mar 2026

• WPScan: WordPress Security Scanner

  1 project | news.ycombinator.com | 24 Dec 2025

• How to integrate Brakeman Security Scanner with GitHub Code Scanning

  4 projects | dev.to | 22 Dec 2025

• 安卓深度链接安全研究基于Metasploit的QR码攻击模块开发实践

  1 project | dev.to | 31 Oct 2025

• Password Pusher: Share secrets securely with self-deleting links and audit logs

  2 projects | news.ycombinator.com | 7 Aug 2025

• Rails Built-in Rate Limiting: A Deep Dive

  3 projects | dev.to | 3 Aug 2025

• Built-in Rate Limiting in Rails 8

  1 project | dev.to | 28 May 2025
• A note from our sponsor - SaaSHub
  www.saashub.com | 13 Jun 2026

  SaaSHub helps you find the best software and product alternatives Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com

Do not miss the trending Ruby projects with our weekly report!