Ruby Security

Open-source Ruby projects categorized as Security | Edit details

Top 23 Ruby Security Projects

  • GitHub repo Metasploit

    Metasploit Framework

    Project mention: Metasploit module OSX/local/persistence not working properly | | 2021-11-21

    Git hub link for easier reading

  • GitHub repo Brakeman

    A static analysis security vulnerability scanner for Ruby on Rails applications

    Project mention: Fixing Just One False Positive in Brakeman | | 2021-11-08

    This is pretty easy to handle. In the case where a splatted array is the only argument to a method, we'll simply use the elements of the array as the argument list. (Check out the pull request here)

  • Nanos

    Run Linux Software Faster and Safer than Linux with Unikernels.

  • GitHub repo wpscan

    WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites.

    Project mention: How do I respond to a security researcher? | | 2021-11-18

    It's not difficult to use an off the shelf scanner to identify potentially vulnerable scripts on someones site then email them asking for money while alluding to other potential vulnerabilities.

  • GitHub repo Rack::Attack

    Rack middleware for blocking & throttling

    Project mention: Limiting the amount of calls user can make to an api | | 2021-11-11

    Second vote for rack-attack!

  • GitHub repo WhatWeb

    Next generation web scanner

    Project mention: The most important step in hacking - Enumeration | | 2021-07-12


  • GitHub repo SecureHeaders

    Manages application of security headers with many safe defaults

    Project mention: Rails application boilerplate for fast MVP development | | 2021-08-06

    add secure_headers

  • GitHub repo Portus

    Authorization service and frontend for Docker registry (v2)

    Project mention: Suggestions for self hosted container registries? | | 2021-08-03
  • Scout APM

    Scout APM: A developer's best friend. Try free for 14-days. Scout APM uses tracing logic that ties bottlenecks to source code so you know the exact line of code causing performance issues and can get back to building a great product faster.

  • GitHub repo inspec

    InSpec: Auditing and Testing Framework

    Project mention: Checking compliance of controls? Job help | | 2021-09-17
  • GitHub repo bundler-audit

    Patch-level verification for Bundler

  • GitHub repo cocoapods-keys

    A key value store for storing per-developer environment and application keys

    Project mention: Can my app be open source on GitHub ? If yes, is there any things I need to be careful about ? | | 2021-11-14

    For storing API keys I can recommend you

  • GitHub repo cfn_nag

    Linting tool for CloudFormation templates

    Project mention: Container security best practices: Comprehensive guide | | 2021-11-16

    If you are using infrastructure as code, incorporate IaC scanning tools like Apolicy, Checkov, tfsec, or cfn_nag to validate the configuration of your infrastructure before it is created or updated. Similar to other linting tools, apply IaC scanning tools locally and in your pipeline, and consider blocking changes that introduce security issues.

  • GitHub repo RbNaCl

    Ruby FFI binding to the Networking and Cryptography (NaCl) library (a.k.a. libsodium)

  • GitHub repo invisible_captcha

    :honey_pot: Unobtrusive and flexible spam protection for Rails apps

    Project mention: Rails application boilerplate for fast MVP development | | 2021-08-06

    add invisible_captcha

  • GitHub repo Hashids

    A small Ruby gem to generate YouTube-like hashes from one or many numbers. Use hashids when you do not want to expose your database ids to the user.

  • GitHub repo dawnscanner

    Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.

    Project mention: Rails application boilerplate for fast MVP development | | 2021-08-06

    test and add dawnscanner

  • GitHub repo krane

    Kubernetes RBAC static Analysis & visualisation tool

    Project mention: Kubernetes Security Checklist 2021 | | 2021-10-18

    RBAC Rights should be audited regularly (KubiScan, Krane)

  • GitHub repo aws-recon

    Multi-threaded AWS inventory collection tool with a focus on security-relevant resources and metadata.

    Project mention: Multi-threaded AWS inventory collection tool with a focus on security-relevant resources and metadata. | | 2021-11-04
  • GitHub repo devise-security

    A security extension for devise, meeting industry-standard security demands for web applications.

    Project mention: Rails application boilerplate for fast MVP development | | 2021-08-06

    add devise-security

  • GitHub repo cis-docker-benchmark

    CIS Docker Benchmark - InSpec Profile

  • GitHub repo opencspm

    Open Cloud Security Posture Management Engine

    Project mention: GitHub - OpenCSPM/opencspm: Open Cloud Security Posture Management Engine | | 2021-08-12
  • GitHub repo Rack::UTF8Sanitizer

    Rack::UTF8Sanitizer is a Rack middleware which cleans up invalid UTF8 characters in request URI and headers.

  • GitHub repo urlcrazy

    Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

    Project mention: Generate and test domain typos and variations | | 2021-10-14
  • GitHub repo haiti

    :key: Hash type identifier (CLI & lib)

    Project mention: Haiti v1.2.2 release | | 2021-08-24
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2021-11-21.

Ruby Security related posts


What are some of the best open-source Security projects in Ruby? This list will help you:

Project Stars
1 Metasploit 25,727
2 Brakeman 6,266
3 wpscan 6,221
4 Rack::Attack 5,003
5 WhatWeb 3,473
6 SecureHeaders 2,939
7 Portus 2,878
8 inspec 2,443
9 bundler-audit 2,390
10 cocoapods-keys 1,482
11 cfn_nag 944
12 RbNaCl 940
13 invisible_captcha 903
14 Hashids 873
15 dawnscanner 652
16 krane 403
17 aws-recon 379
18 devise-security 365
19 cis-docker-benchmark 365
20 opencspm 272
21 Rack::UTF8Sanitizer 263
22 urlcrazy 253
23 haiti 171
Find remote jobs at our new job board There are 32 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives