Top 23 Ruby Security Projects
-
Project mention: The Ultimate Guide to Cybersecurity: Protecting Yourself in the Digital Age | dev.to | 2025-01-19
Antivirus Software: Norton Antivirus and McAfee. Firewall Solutions: Palo Alto Networks and Cisco Firepower. Penetration Testing Tools: Metasploit and Burp Suite. Threat Intelligence Platforms: Recorded Future and ThreatConnect.
-
wpscan
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites.
-
If you're looking for static typing, a dynamic language is going to be a poor fit. I find a place for both. I love Rust, but trying to write a tool that consumed a GraphQL API with it was a brutal exercise in frustration. I'd say that goes for typing of JSON or YAML or whatever structured format in general. It's refreshing being able to just work with data in the form I already know it's in. Ruby can be an incredibly productive language to work with.
If you're looking for static analysis in general, please note that there are mature tools available. Rubocop¹ is probably the most popular and allows for linting and code formatting. Brakeman² is a vulnerability scanner for Rails. Sorbet³ is a static type checker.
The tooling is there if you want to try things out. But, if you want a statically typed language then that's a debate that's been going since the dawn of programming language design. I doubt it's going to get resolved in this thread.
¹ - https://github.com/rubocop/rubocop
² - https://brakemanscanner.org/
³ - https://sorbet.org/
-
WebHackersWeapons
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking, Happy bug-hunting
-
PasswordPusher
🔐 Securely share sensitive information with automatic expiration & deletion after a set number of views or duration. Track who, what and when with full audit logs.
Project mention: Password Pusher: Securely share sensitive information with automatic expiration | news.ycombinator.com | 2024-10-09 -
Some simpler alternatives to consider:
Rails 8 comes with a basic auth generator: https://www.bigbinary.com/blog/rails-8-introduces-a-basic-au...
There's also https://github.com/lazaronixon/authentication-zero that goes beyond that.
-
rails-security-checklist
:key: Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)
-
best-practices-badge
🏆Open Source Security Foundation (OpenSSF) Best Practices Badge (formerly Core Infrastructure Initiative (CII) Best Practices Badge)
Project mention: Netdata is shipping their new dashboard as closed source blobs | news.ycombinator.com | 2024-08-16 -
-
Hashids
A small Ruby gem to generate YouTube-like hashes from one or many numbers. Use hashids when you do not want to expose your database ids to the user.
-
Project mention: Securing your Cloud Infrastructure: A comprehensive guide to hardening, scaling, automating and monitoring your servers | dev.to | 2024-08-26
-
dawnscanner
Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.
-
ronin
Ronin is a Free and Open Source Ruby Toolkit for Security Research and Development. Ronin also allows for the rapid development and distribution of code, exploits, payloads, etc, via 3rd-party git repositories. (by ronin-rb)
Project mention: Ronin: Free and Open Source Ruby Toolkit for Security Research and Development | news.ycombinator.com | 2024-03-19 -
Ruby Security discussion
Ruby Security related posts
-
The Ultimate Guide to Cybersecurity: Protecting Yourself in the Digital Age
-
What are some common strategies for preventing SQL injection vulnerabilities in Rails beyond ActiveRecord?
-
Penetration Testing | Kali Linux | Metasploitable2 | Hands-on Cybersecurity Lab
-
Password Pusher: Securely share sensitive information with automatic expiration
-
Open Source Tool List for Web App Security
-
Securely share sensitive information with automatic expiration and deletion
-
Beyond Bugs: The Hidden Impact of Code Quality (Part 2) 🌟
-
Index
What are some of the best open-source Security projects in Ruby? This list will help you:
# | Project | Stars |
---|---|---|
1 | Metasploit | 34,794 |
2 | wpscan | 8,773 |
3 | Brakeman | 7,065 |
4 | WhatWeb | 5,706 |
5 | Rack::Attack | 5,587 |
6 | WebHackersWeapons | 3,933 |
7 | SecureHeaders | 3,166 |
8 | inspec | 2,880 |
9 | bundler-audit | 2,695 |
10 | PasswordPusher | 2,214 |
11 | authentication-zero | 1,708 |
12 | cocoapods-keys | 1,554 |
13 | rails-security-checklist | 1,362 |
14 | cfn_nag | 1,263 |
15 | best-practices-badge | 1,239 |
16 | invisible_captcha | 1,185 |
17 | RbNaCl | 981 |
18 | Hashids | 973 |
19 | haiti | 827 |
20 | linux-baseline | 793 |
21 | dawnscanner | 738 |
22 | ronin | 703 |
23 | console1984 | 700 |