Dawnscanner

Dawnscanner is a source code scanner designed to review your Ruby code for security issues.
dawnscanner is able to scan plain Ruby scripts (e.g. command line applications), but all its features are unleashed when dealing with web application source code. dawnscanner is able to scan the major MVC (Model View Controller) frameworks out of the box: Rails, Sinatra and Padrino.
As you can see, dawnscanner has been on hold for more than a year. Sorry for that. It's life. I was overwhelmed by tons of stuff and I dedicated my free time to Offensive Security certifications. Truth be told, I'm starting the OSCE journey really soon.
The dawnscanner project will be updated soon with new security checks and kickstarted again.

Installation

Code:
gem install dawnscanner
If you want to add dawn to your project Gemfile, you must add the following:
Code:
group :development do
  gem 'dawnscanner', :require=>false
end
And then upgrade your bundle:
Code:
bundle install
If you prefer to build it from source, check it out from GitHub first:
Code:
git clone https://github.com/thesp0nge/dawnscanner.git
cd dawnscanner
bundle install
rake install
Usage

You can start your code review with dawnscanner very easily. Simply tell the tool where the project root directory is.
dawnscanner autodetects the underlying MVC framework from the target's Gemfile.lock file. If autodetection fails for some reason, the tool will complain about it and you have to specify by hand whether it's a rails, sinatra or padrino web application.
Basic usage is to pass any optional command line options that best fit your needs, followed by the target directory where your code is stored.

Download Dawnscanner
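
The Gemfile.lock autodetection described under Usage, as an added sketch that is not part of the original post and is not dawnscanner's own detection code. The function names, the precedence order (rails, then padrino, then sinatra, direct dependencies before transitive ones) and the sample lockfile are assumptions made for illustration; precedence matters because a wrong guess means the wrong framework checks get applied.

```ruby
# Added example, not dawnscanner's code. All names here are hypothetical.
FRAMEWORK_PRIORITY = %w[rails padrino sinatra].freeze

# Split Gemfile.lock text into { "SECTION" => [[indent, gem_name], ...] }.
def lockfile_sections(text)
  sections = Hash.new { |h, k| h[k] = [] }
  current = nil
  text.each_line do |raw|
    line = raw.chomp
    if line =~ /\A[A-Z][A-Z ]*\z/          # section header, e.g. GEM, DEPENDENCIES
      current = line
    elsif current && (m = line.match(/\A( +)([A-Za-z0-9_.\-]+)(?: \(.*\))?!?\z/))
      sections[current] << [m[1].length, m[2]]
    end
  end
  sections
end

# Direct dependencies win over transitive ones; nil means "specify by hand".
def detect_framework(lock_text)
  sections = lockfile_sections(lock_text)
  direct   = sections["DEPENDENCIES"].map(&:last)
  # In the GEM section, 4-space lines are resolved gems, 6-space lines their deps.
  resolved = sections["GEM"].select { |indent, _| indent == 4 }.map(&:last)
  if (fw = FRAMEWORK_PRIORITY.find { |f| direct.include?(f) })
    { framework: fw.to_sym, via: :direct }
  elsif (fw = FRAMEWORK_PRIORITY.find { |f| resolved.include?(f) })
    { framework: fw.to_sym, via: :transitive }
  end
end

# Constructed lockfile: a Rails app that also pulls in sinatra transitively.
RAILS_LOCK = <<LOCK
GEM
  specs:
    exampledash (1.0.0)
      sinatra (>= 2.0)
    rails (5.2.3)
    sinatra (2.0.8)

DEPENDENCIES
  exampledash
  rails (~> 5.2)
LOCK

p detect_framework(RAILS_LOCK)
```

A nil result corresponds to the case where the framework has to be given by hand.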